finniebox

Hallo. Ik heb vandaag een 5.1 surround speaker set gekocht (de Logitech z506) maar nu komt er maar uit 3 van de 5 speakers geluid. Alvast bedankt voor jullie hulp

NZBEE of piratebay

als ik wow cataclysm wil opstarten geeft die in wow error deze error aan (ik heb wondows 8.1): ============================================================================== World of WarCraft: Retail Build (build 15595) Exe: C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe Time: Sep 15, 2013 6:11:10.944 PM User: finn Computer: FINN-PC ------------------------------------------------------------------------------ This application has encountered a critical error: Program: C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe ProcessID: 3856 File: .\Client.cpp Line: 3623 file: signaturefile WoWBuild: 15595 Version: 4.3.4 Type: WoW Platform: X86 Settings: SET locale "enUS" ---------------------------------------- GxInfo ---------------------------------------- No GX Device Created Desktop Display List: Device Name: \\.\DISPLAY1 Device String: NVIDIA GeForce 9800 GT State Flags: 0x08000005 Device ID: PCI\VEN_10DE&DEV_0601&SUBSYS_90171B0A&REV_A2 Installed DX9 Version: File Version: 6.3.9600.16384 ------------------------------------------------------------------------------ ---------------------------------------- Stack Trace (Manual) ---------------------------------------- Address Frame Logical addr Module Showing 10/10 threads... --- Thread ID: 2224 [Current Thread] --- 01346A14 0036F630 0001:00005A14 C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 013480E9 0036F768 0001:000070E9 C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 013483F6 0036F778 0001:000073F6 C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 01348458 0036F80C 0001:00007458 C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 74F6A534 0036F818 0001:0000A534 C:\WINDOWS\SYSTEM32\KERNEL32.DLL 77158F8B 0036F85C 0001:00047F8B C:\WINDOWS\SYSTEM32\ntdll.dll 77158F61 0036F86C 0001:00047F61 C:\WINDOWS\SYSTEM32\ntdll.dll --- Thread ID: 3152 --- 74F6A534 010EF88C 0001:0000A534 C:\WINDOWS\SYSTEM32\KERNEL32.DLL 77158F8B 010EF8D0 0001:00047F8B C:\WINDOWS\SYSTEM32\ntdll.dll 77158F61 010EF8E0 0001:00047F61 C:\WINDOWS\SYSTEM32\ntdll.dll --- Thread ID: 1124 --- 74F6A534 012EFF78 0001:0000A534 C:\WINDOWS\SYSTEM32\KERNEL32.DLL 77158F8B 012EFFBC 0001:00047F8B C:\WINDOWS\SYSTEM32\ntdll.dll 77158F61 012EFFCC 0001:00047F61 C:\WINDOWS\SYSTEM32\ntdll.dll --- Thread ID: 3056 --- 74F6A534 0351FDA4 0001:0000A534 C:\WINDOWS\SYSTEM32\KERNEL32.DLL 77158F8B 0351FDE8 0001:00047F8B C:\WINDOWS\SYSTEM32\ntdll.dll 77158F61 0351FDF8 0001:00047F61 C:\WINDOWS\SYSTEM32\ntdll.dll --- Thread ID: 1172 --- 757F5D23 0365FD74 0001:00024D23 C:\WINDOWS\SYSTEM32\combase.dll 757F5D91 0365FD9C 0001:00024D91 C:\WINDOWS\SYSTEM32\combase.dll 757F5E54 0365FEC4 0001:00024E54 C:\WINDOWS\SYSTEM32\combase.dll 757F5FAA 0365FED4 0001:00024FAA C:\WINDOWS\SYSTEM32\combase.dll 74F6A534 0365FEE0 0001:0000A534 C:\WINDOWS\SYSTEM32\KERNEL32.DLL 77158F8B 0365FF24 0001:00047F8B C:\WINDOWS\SYSTEM32\ntdll.dll 77158F61 0365FF34 0001:00047F61 C:\WINDOWS\SYSTEM32\ntdll.dll --- Thread ID: 3348 --- 76B910C0 0379FDB0 0001:000000C0 C:\WINDOWS\SYSTEM32\KERNELBASE.dll 7250530D 0379FDC8 0001:0014430D C:\WINDOWS\SYSTEM32\WININET.dll 74F6A534 0379FDD4 0001:0000A534 C:\WINDOWS\SYSTEM32\KERNEL32.DLL 77158F8B 0379FE18 0001:00047F8B C:\WINDOWS\SYSTEM32\ntdll.dll 77158F61 0379FE28 0001:00047F61 C:\WINDOWS\SYSTEM32\ntdll.dll --- Thread ID: 360 --- 74F6A534 038DFA4C 0001:0000A534 C:\WINDOWS\SYSTEM32\KERNEL32.DLL 77158F8B 038DFA90 0001:00047F8B C:\WINDOWS\SYSTEM32\ntdll.dll 77158F61 038DFAA0 0001:00047F61 C:\WINDOWS\SYSTEM32\ntdll.dll --- Thread ID: 3628 --- 76B910C0 03A1F89C 0001:000000C0 C:\WINDOWS\SYSTEM32\KERNELBASE.dll 0171F69B 03A1F8D4 0001:003DE69B C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 0172393A 03A1F8E8 0001:003E293A C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 01952A8E 03A1F920 0001:00611A8E C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 01952B36 03A1F92C 0001:00611B36 C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 74F6A534 03A1F938 0001:0000A534 C:\WINDOWS\SYSTEM32\KERNEL32.DLL 77158F8B 03A1F97C 0001:00047F8B C:\WINDOWS\SYSTEM32\ntdll.dll 77158F61 03A1F98C 0001:00047F61 C:\WINDOWS\SYSTEM32\ntdll.dll --- Thread ID: 3036 --- 76B910C0 03B5FEBC 0001:000000C0 C:\WINDOWS\SYSTEM32\KERNELBASE.dll 0171F17F 03B5FEF4 0001:003DE17F C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 0172393A 03B5FF08 0001:003E293A C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 01952A8E 03B5FF40 0001:00611A8E C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 01952B36 03B5FF4C 0001:00611B36 C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 74F6A534 03B5FF58 0001:0000A534 C:\WINDOWS\SYSTEM32\KERNEL32.DLL 77158F8B 03B5FF9C 0001:00047F8B C:\WINDOWS\SYSTEM32\ntdll.dll 77158F61 03B5FFAC 0001:00047F61 C:\WINDOWS\SYSTEM32\ntdll.dll --- Thread ID: 3060 --- 76B910C0 03C9FA88 0001:000000C0 C:\WINDOWS\SYSTEM32\KERNELBASE.dll 0171F569 03C9FABC 0001:003DE569 C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 0172393A 03C9FAD0 0001:003E293A C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 01952A8E 03C9FB08 0001:00611A8E C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 01952B36 03C9FB14 0001:00611B36 C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe 74F6A534 03C9FB20 0001:0000A534 C:\WINDOWS\SYSTEM32\KERNEL32.DLL 77158F8B 03C9FB64 0001:00047F8B C:\WINDOWS\SYSTEM32\ntdll.dll 77158F61 03C9FB74 0001:00047F61 C:\WINDOWS\SYSTEM32\ntdll.dll ---------------------------------------- Stack Trace (Using DBGHELP.DLL) ---------------------------------------- Showing 10/10 threads... --- Thread ID: 2224 [Current Thread] --- 01346A14 Wow.exe <unknown symbol>+0 (FFFFFFFE,00000000,00000001,61746144) 013480E9 Wow.exe <unknown symbol>+0 (00000001,00000001,0036F80C,01348458) 013483F6 Wow.exe <unknown symbol>+0 (0134E4D5,01340000,00000000,004F1C2C) 01348458 Wow.exe <unknown symbol>+0 (FEFAF000,0036F85C,77158F8B,FEFAF000) 74F6A534 KERNEL32.DLL BaseThreadInitThunk+14 (FEFAF000,ED444E25,00000000,00000000) 77158F8B ntdll.dll RtlInitializeExceptionChain+132 (FFFFFFFF,7714DAE8,00000000,00000000) 77158F61 ntdll.dll RtlInitializeExceptionChain+90 (01341190,FEFAF000,00000000,00000000) --- Thread ID: 3152 --- 74F6A534 KERNEL32.DLL BaseThreadInitThunk+14 (004F3A18,EC7C4EA9,00000000,00000000) 77158F8B ntdll.dll RtlInitializeExceptionChain+132 (FFFFFFFF,7714DAE8,00000000,00000000) 77158F61 ntdll.dll RtlInitializeExceptionChain+90 (771243E1,004F3A18,00000000,00000000) --- Thread ID: 1124 --- 74F6A534 KERNEL32.DLL BaseThreadInitThunk+14 (0050DD30,EC5C49C5,00000000,00000000) 77158F8B ntdll.dll RtlInitializeExceptionChain+132 (FFFFFFFF,7714DAE8,00000000,00000000) 77158F61 ntdll.dll RtlInitializeExceptionChain+90 (771243E1,0050DD30,00000000,00000000) --- Thread ID: 3056 --- 74F6A534 KERNEL32.DLL BaseThreadInitThunk+14 (0050DD30,EE234B91,00000000,00000000) 77158F8B ntdll.dll RtlInitializeExceptionChain+132 (FFFFFFFF,7714DAE8,00000000,00000000) 77158F61 ntdll.dll RtlInitializeExceptionChain+90 (771243E1,0050DD30,00000000,00000000) --- Thread ID: 1172 --- 757F5D23 combase.dll CoFreeUnusedLibrariesEx+4290 (00000000,0000EA60,00000FA0,00000000) 757F5D91 combase.dll CoFreeUnusedLibrariesEx+4400 (FFFFFFFF,00000000,0051A8A8,0051A8A8) 757F5E54 combase.dll CoFreeUnusedLibrariesEx+4595 (00000000,00000000,0365FEE0,74F6A534) 757F5FAA combase.dll CoFreeUnusedLibrariesEx+4937 (0051A8A8,0365FF24,77158F8B,0051A8A8) 74F6A534 KERNEL32.DLL BaseThreadInitThunk+14 (0051A8A8,EE17495D,00000000,00000000) 77158F8B ntdll.dll RtlInitializeExceptionChain+132 (FFFFFFFF,7714DAE8,00000000,00000000) 77158F61 ntdll.dll RtlInitializeExceptionChain+90 (757F5F94,0051A8A8,00000000,00000000) --- Thread ID: 3348 --- 76B910C0 KERNELBASE.dll WaitForSingleObject+18 (000023B4,FFFFFFFF,00000000,00506C58) 7250530D WININET.dll UrlCacheSetGlobalLimit+3456 (00506C58,0379FE18,77158F8B,00506C58) 74F6A534 KERNEL32.DLL BaseThreadInitThunk+14 (00506C58,EE0B4861,00000000,00000000) 77158F8B ntdll.dll RtlInitializeExceptionChain+132 (FFFFFFFF,7714DAE8,00000000,00000000) 77158F61 ntdll.dll RtlInitializeExceptionChain+90 (725052DB,00506C58,00000000,00000000) --- Thread ID: 360 --- 74F6A534 KERNEL32.DLL BaseThreadInitThunk+14 (004F3A18,EEFF4CE9,00000000,00000000) 77158F8B ntdll.dll RtlInitializeExceptionChain+132 (FFFFFFFF,7714DAE8,00000000,00000000) 77158F61 ntdll.dll RtlInitializeExceptionChain+90 (771243E1,004F3A18,00000000,00000000) --- Thread ID: 3628 --- 76B910C0 KERNELBASE.dll WaitForSingleObject+18 (00002404,FFFFFFFF,009B9830,00000000) 0171F69B Wow.exe GetBattlenetAllocator+1564587 (009B9C80,00000000,009B9830,03A1F920) 0172393A Wow.exe GetBattlenetAllocator+1581642 (009B97C8,944B2F81,00000000,009B9830) 01952A8E Wow.exe GetBattlenetAllocator+3871646 (00000000,03A1F938,74F6A534,009B9830) 01952B36 Wow.exe GetBattlenetAllocator+3871814 (009B9830,03A1F97C,77158F8B,009B9830) 74F6A534 KERNEL32.DLL BaseThreadInitThunk+14 (009B9830,EED34F05,00000000,00000000) 77158F8B ntdll.dll RtlInitializeExceptionChain+132 (FFFFFFFF,7714DAE8,00000000,00000000) 77158F61 ntdll.dll RtlInitializeExceptionChain+90 (01952AB4,009B9830,00000000,00000000) --- Thread ID: 3036 --- 76B910C0 KERNELBASE.dll WaitForSingleObject+18 (000021EC,FFFFFFFF,00000000,00A09C88) 0171F17F Wow.exe GetBattlenetAllocator+1563279 (00000000,00000000,009D1868,03B5FF40) 0172393A Wow.exe GetBattlenetAllocator+1581642 (00A09C88,945F29E1,00000000,009D1868) 01952A8E Wow.exe GetBattlenetAllocator+3871646 (00000000,03B5FF58,74F6A534,009D1868) 01952B36 Wow.exe GetBattlenetAllocator+3871814 (009D1868,03B5FF9C,77158F8B,009D1868) 74F6A534 KERNEL32.DLL BaseThreadInitThunk+14 (009D1868,EEC749E5,00000000,00000000) 77158F8B ntdll.dll RtlInitializeExceptionChain+132 (FFFFFFFF,7714DAE8,00000000,00000000) 77158F61 ntdll.dll RtlInitializeExceptionChain+90 (01952AB4,009D1868,00000000,00000000) --- Thread ID: 3060 --- 76B910C0 KERNELBASE.dll WaitForSingleObject+18 (0000242C,FFFFFFFF,00000000,00A0A1D0) 0171F569 Wow.exe GetBattlenetAllocator+1564281 (009D1D18,00000000,009BBD38,03C9FB08) 0172393A Wow.exe GetBattlenetAllocator+1581642 (00A0A1D0,94232DA9,00000000,009BBD38) 01952A8E Wow.exe GetBattlenetAllocator+3871646 (00000000,03C9FB20,74F6A534,009BBD38) 01952B36 Wow.exe GetBattlenetAllocator+3871814 (009BBD38,03C9FB64,77158F8B,009BBD38) 74F6A534 KERNEL32.DLL BaseThreadInitThunk+14 (009BBD38,EEBB4D1D,00000000,00000000) 77158F8B ntdll.dll RtlInitializeExceptionChain+132 (FFFFFFFF,7714DAE8,00000000,00000000) 77158F61 ntdll.dll RtlInitializeExceptionChain+90 (01952AB4,009BBD38,00000000,00000000) ---------------------------------------- Loaded Modules ---------------------------------------- DBG-MODULE<01340000 00CDC000 "Wow.exe" "Wow.pdb" 0 {9a9fe68a-1174-4bdf-b51a0cab2be97eae} 1 1334105658> DBG-MODULE<64BF0000 00141000 "dbghelp.dll" "dbghelp.pdb" 0 {24f6937d-6631-40a2-aff3210434afba90} 1 1265054906> DBG-MODULE<64D40000 0006C000 "AcSpecfc.DLL" "AcSpecfc.pdb" 0 {c3fb6507-8a5c-4aa2-86e98dea8663af2b} 2 1377140993> DBG-MODULE<670C0000 00077000 "mscms.dll" "mscms.pdb" 0 {84a0210a-8f58-4978-9d3db48d22ed361b} 2 1377139077> DBG-MODULE<69260000 001B8000 "d3d9.dll" "d3d9.pdb" 0 {78dcc3e0-96d7-45bd-bdd82dbd667b7e34} 2 1377144219> DBG-MODULE<6CDB0000 0000A000 "ondemandconnroutehelper.dll" "OnDemandConnRouteHelper.pdb" 0 {e21dd70c-3bd1-4d6a-a2297c4cc5164582} 1 1377140028> DBG-MODULE<6D1D0000 00035000 "DINPUT8.dll" "dinput8.pdb" 0 {c9495d33-fbf6-40c1-ac8eecf7c9d6ada0} 1 1377144049> DBG-MODULE<6E0B0000 0000A000 "HID.DLL" "hid.pdb" 0 {e8adb919-d31a-482d-ad300801e5808f98} 2 1377140083> DBG-MODULE<70820000 00007000 "DCIMAN32.dll" "dciman32.pdb" 0 {66db339f-213a-4393-9763545e815ade1d} 2 1377144364> DBG-MODULE<70830000 000E7000 "DDRAW.dll" "ddraw.pdb" 0 {473230dd-86f9-4bd7-9afc8076b47859b0} 2 1377138809> DBG-MODULE<70920000 00024000 "GLU32.dll" "glu32.pdb" 0 {d82e4ecf-3050-46a8-8ee9b9d00e4511f3} 1 1377144358> DBG-MODULE<70950000 000D4000 "OPENGL32.dll" "opengl32.pdb" 0 {99c9bb34-df50-4926-9672f55a466612db} 1 1377144200> DBG-MODULE<71850000 00094000 "winhttp.dll" "winhttp.pdb" 0 {6eb98610-9f10-4064-a54dc43b8f7b36ac} 2 1377139145> DBG-MODULE<71B70000 00020000 "WINMMBASE.dll" "winmmbase.pdb" 0 {3b36f42b-a12a-480f-8b8048e043d6214b} 2 1377139382> DBG-MODULE<71B90000 00019000 "dwmapi.dll" "dwmapi.pdb" 0 {14948e4f-8f88-4851-90727da0847c6e05} 2 1377139384> DBG-MODULE<71BB0000 00015000 "MSACM32.dll" "msacm32.pdb" 0 {e617796e-9544-44fb-a7a530eee1751fe6} 2 1377140038> DBG-MODULE<71BD0000 00020000 "WINMM.dll" "winmm.pdb" 0 {fdf01e3e-bc87-4d66-9dca13fe687ba88b} 2 1377139193> DBG-MODULE<72080000 00007000 "rasadhlp.dll" "rasadhlp.pdb" 0 {7f89602f-ffd8-4f43-a953e9498f91ba0a} 2 1377140076> DBG-MODULE<720A0000 0007C000 "DNSAPI.dll" "dnsapi.pdb" 0 {fe598a74-4859-4eac-b5fd266c120785d2} 2 1377140140> DBG-MODULE<72170000 00045000 "mswsock.dll" "mswsock.pdb" 0 {1b15c0ef-a598-4116-9f9168b3676c7b87} 2 1377140124> DBG-MODULE<723C0000 001C3000 "WININET.dll" "wininet.pdb" 0 {f043d056-da3c-4c16-b065e1e4404469e4} 2 1377137835> DBG-MODULE<72590000 00123000 "urlmon.dll" "urlmon.pdb" 0 {e5168a09-9627-41f3-87a9e5bb4dc5d6d0} 2 1377137548> DBG-MODULE<727A0000 0009A000 "apphelp.dll" "apphelp.pdb" 0 {a8586c92-df13-4f3e-937807bbe474de0e} 2 1377144377> DBG-MODULE<728D0000 00044000 "fwpuclnt.dll" "fwpuclnt.pdb" 0 {ba7904d3-9017-47d9-8b69a928e16ce3c6} 2 1377139201> DBG-MODULE<72960000 00009000 "kernel.appcore.dll" "Kernel.Appcore.pdb" 0 {57f9ca59-0c19-4c88-8904e1a3ddc39cae} 1 1377139960> DBG-MODULE<72D30000 00321000 "msi.dll" "msi.pdb" 0 {6e260f0e-d199-4738-8f2c42f5921a37f2} 2 1377142774> DBG-MODULE<731F0000 0001D000 "bcrypt.dll" "bcrypt.pdb" 0 {090bf1b3-c6e2-425f-9faa15367c90371c} 1 1377140098> DBG-MODULE<73210000 0002F000 "rsaenh.dll" "rsaenh.pdb" 0 {a255d597-cc43-44dc-95f44ae5396cc145} 2 1377140137> DBG-MODULE<732B0000 00014000 "MPR.dll" "mpr.pdb" 0 {265d895a-8cc7-47f3-8c45ab0af31cc1bd} 2 1377140160> DBG-MODULE<73310000 00018000 "CRYPTSP.dll" "cryptsp.pdb" 0 {79b48b7c-7979-45cd-af494ae1bd96cafb} 2 1377140155> DBG-MODULE<734F0000 001E5000 "Comctl32.dll" "comctl32.pdb" 0 {b7eb53f3-f66d-4dc0-991440686284ee43} 2 1377144708> DBG-MODULE<736E0000 00008000 "WINNSI.DLL" "winnsi.pdb" 0 {134a72f0-9936-4502-a7b384b487e66749} 2 1377140139> DBG-MODULE<736F0000 0000E000 "profapi.dll" "profapi.pdb" 0 {d5c73836-fd11-424b-8543c0ea729768cc} 2 1377140135> DBG-MODULE<73700000 0001E000 "IPHLPAPI.DLL" "iphlpapi.pdb" 0 {11de9d0b-2a7e-477c-a05a8dc59b91d53d} 2 1377140141> DBG-MODULE<73720000 00215000 "iertutil.dll" "iertutil.pdb" 0 {1abc5ed5-a51d-4917-95d008f084c18a3d} 2 1377143259> DBG-MODULE<73940000 00077000 "SHCORE.DLL" "shcore.pdb" 0 {aac7c0c4-77b1-4112-b7f0948c2332c352} 2 1377138983> DBG-MODULE<739C0000 00019000 "USERENV.dll" "userenv.pdb" 0 {7b8bc18f-f790-4c5c-bb363740da74a03e} 2 1377139638> DBG-MODULE<74840000 00009000 "Secur32.dll" "secur32.pdb" 0 {08d4b291-7cae-4c5c-b4f7708dbb045da6} 2 1377140153> DBG-MODULE<74A40000 0001F000 "DEVOBJ.dll" "devobj.pdb" 0 {4a41110d-51f5-45eb-b7fe5f9b715569a6} 2 1377139848> DBG-MODULE<74AC0000 00008000 "VERSION.dll" "version.pdb" 0 {53263fc9-3a54-465d-a5ac7deead454ecb} 2 1377144352> DBG-MODULE<74AD0000 00051000 "bcryptPrimitives.dll" "bcryptprimitives.pdb" 0 {4a41b658-5ef2-44a8-a35c013518c8267a} 2 1377140118> DBG-MODULE<74B30000 00009000 "CRYPTBASE.dll" "cryptbase.pdb" 0 {76a631a0-64a1-4157-a09d2feef88ee611} 2 1377144515> DBG-MODULE<74B40000 0001D000 "SspiCli.dll" "wsspicli.pdb" 0 {91696492-17ce-40d1-836fb4208bb31d42} 1 1377140124> DBG-MODULE<74BA0000 000BE000 "msvcrt.dll" "msvcrt.pdb" 0 {13d832d4-5ddb-4ada-b974b97749467373} 2 1377144821> DBG-MODULE<74C60000 0007D000 "clbcatq.dll" "CLBCatQ.pdb" 0 {a9e49c41-c6ae-475b-9a258b4f883c5d2b} 2 1377138021> DBG-MODULE<74CE0000 00150000 "USER32.dll" "wuser32.pdb" 0 {e8bc0c89-39e9-437e-865240ae2118b7cf} 2 1377139877> DBG-MODULE<74E30000 00077000 "ADVAPI32.dll" "advapi32.pdb" 0 {f03b9328-d2fa-4b59-b202d8d58da680fe} 2 1377144193> DBG-MODULE<74EC0000 00087000 "COMDLG32.dll" "comdlg32.pdb" 0 {cda4c712-aa3a-4d30-b58413d5580e2ece} 2 1377140758> DBG-MODULE<74F50000 00140000 "KERNEL32.DLL" "wkernel32.pdb" 0 {98d5a368-b44a-4bd0-a6e545dd002c19b4} 1 1377144251> DBG-MODULE<750E0000 0004D000 "WS2_32.dll" "ws2_32.pdb" 0 {f5179395-47af-4e61-800b96c2c660978c} 2 1377140130> DBG-MODULE<75280000 00025000 "IMM32.dll" "wimm32.pdb" 0 {42c95b6a-d742-4fcd-bec66b1e9213efd1} 2 1377144357> DBG-MODULE<75430000 0010B000 "ole32.dll" "ole32.pdb" 0 {088e9cc6-87d3-4e36-9b3a3d14bf73a85e} 2 1377138220> DBG-MODULE<75550000 0003A000 "cfgmgr32.dll" "cfgmgr32.pdb" 0 {a722836e-65d5-431c-947f212a299b17e0} 2 1377140118> DBG-MODULE<75590000 00086000 "COMCTL32.dll" "comctl32v582.pdb" 0 {61313ac1-7a7a-4e66-b1bcbab0b0c858ef} 2 1377144476> DBG-MODULE<75620000 001AC000 "SETUPAPI.dll" "setupapi.pdb" 0 {df211beb-c676-4859-8b67a7e168c52e15} 2 1377137934> DBG-MODULE<757D0000 0014E000 "combase.dll" "combase.pdb" 0 {74ef6c43-278e-4994-931726a90e71e164} 2 1377139918> DBG-MODULE<75920000 011A1000 "SHELL32.dll" "shell32.pdb" 0 {047885e3-e725-4873-a693e0ad97c8b96f} 2 1377139194> DBG-MODULE<76B30000 00041000 "SHLWAPI.dll" "shlwapi.pdb" 0 {75cd943d-d85d-46c7-ad105a0a84fcc58a} 2 1377137883> DBG-MODULE<76B90000 000CF000 "KERNELBASE.dll" "wkernelbase.pdb" 0 {5f8c9b39-80e0-44fc-a8bce686b2406a61} 2 1377144621> DBG-MODULE<76C60000 00007000 "NSI.dll" "nsi.pdb" 0 {63c7095d-0453-4027-99d78ab16bfdbacc} 2 1377144782> DBG-MODULE<76C80000 0003E000 "sechost.dll" "sechost.pdb" 0 {3d0a96e5-ec53-4911-bb72627c8d81a22c} 2 1377144558> DBG-MODULE<76CC0000 000F7000 "MSCTF.dll" "msctf.pdb" 0 {eaa2247f-1d91-4c3e-9c19eca030b96d38} 2 1377139513> DBG-MODULE<76DC0000 000B1000 "RPCRT4.dll" "wrpcrt4.pdb" 0 {d0f45982-45d8-434b-86614071d7a6d1fc} 2 1377140206> DBG-MODULE<76E80000 00087000 "OLEAUT32.dll" "oleaut32.pdb" 0 {a3fbe608-ab96-466e-99dfea93e9b9afee} 2 1377140026> DBG-MODULE<76F30000 00108000 "GDI32.dll" "wgdi32.pdb" 0 {375dee6b-4eae-4289-84dcf03750c99f80} 2 1377140368> DBG-MODULE<77110000 00168000 "ntdll.dll" "wntdll.pdb" 0 {bda74a24-8b27-441d-bc00193e0f32f7cb} 2 1377144853> ---------------------------------------- Memory Dump ---------------------------------------- Stack: 1024 bytes starting at (ESP = 0036E95C) * = addr ** * 0036E950: 01 00 6E 00 B5 0D 40 01 5C E9 36 00 00 00 00 00 ..n...@.\.6..... 0036E960: 01 00 04 00 03 00 01 00 00 00 00 00 00 00 00 00 ................ 0036E970: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036E980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036E990: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036E9A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036E9B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036E9C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036E9D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036E9E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036E9F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EA00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EA10: 00 00 00 00 00 00 00 00 34 EC 36 00 B5 0D 40 01 ........4.6...@. 0036EA20: 00 00 00 00 00 00 00 00 5C E9 36 00 00 00 00 00 ........\.6..... 0036EA30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EA40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EA50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EA60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EA70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EA80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EA90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EAA0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EAB0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EAC0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EAD0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EAE0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EAF0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EB00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EB10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EB20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EB30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EB40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EB50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EB60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EB70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EB80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EB90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EBA0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EBB0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EBC0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EBD0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EBE0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EBF0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EC00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EC10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EC20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0036EC30: 25 AB F6 74 60 EC 36 00 3B 57 3F 01 01 00 6E 00 %..t`.6.;W?...n. 0036EC40: 80 4B 3F 01 C0 26 00 00 05 00 00 00 64 E9 36 00 .K?..&......d.6. 0036EC50: 27 0E 00 00 94 74 AC 01 00 00 00 00 02 00 00 00 '....t.......... 0036EC60: 90 F4 36 00 7F 5D 3F 01 02 00 00 00 B8 F0 AD 01 ..6..]?......... 0036EC70: 27 0E 00 00 90 EC 36 00 00 00 00 00 01 00 00 00 '.....6......... 0036EC80: 02 00 00 00 11 11 11 11 14 00 00 00 40 A4 70 04 ............@.p. 0036EC90: 66 69 6C 65 3A 20 73 69 67 6E 61 74 75 72 65 66 file: signaturef 0036ECA0: 69 6C 65 00 8F 86 9E 00 FF FF FF FF FF FF FF FF ile............. 0036ECB0: 02 00 00 00 01 00 00 00 18 EE 36 00 B3 93 73 01 ..........6...s. 0036ECC0: 10 EE 36 C1 B8 22 D0 04 68 60 DF 01 30 13 9B 00 ..6.."..h`..0... 0036ECD0: 73 69 67 6E 61 74 75 72 65 66 69 6C 65 00 00 00 signaturefile... 0036ECE0: E1 56 42 04 00 00 00 00 3C 00 00 00 00 00 00 00 .VB.....<....... 0036ECF0: 66 8E AC 01 00 00 00 00 00 00 00 00 00 00 00 00 f............... 0036ED00: 4C 10 6F 01 8F 86 9E C1 00 00 00 00 00 00 00 00 L.o............. 0036ED10: 01 00 00 00 58 8E AC 01 73 69 67 6E 61 74 75 72 ....X...signatur 0036ED20: 65 66 69 6C 65 00 A8 00 68 60 DF 01 90 F1 36 00 efile...h`....6. 0036ED30: 97 96 73 01 88 60 DF 01 00 00 00 00 20 F3 36 00 ..s..`...... .6. 0036ED40: C8 F3 36 00 01 00 02 00 00 00 9B 00 E0 9A 9E 00 ..6............. 0036ED50: 88 EE 36 00 F1 03 1A 77 F9 5D 66 9A FE FF FF FF ..6....w.]f..... ------------------------------------------------------------------------------ Percent memory used: 22 Total physical memory: 8589103104 Free physical memory: 6686711808 Page file: 17179037696 Total virtual memory: 4294836224 Free virtual memory: 4149714944 ------------------------------------------------------------------------------ List of running WoW processes: Process: C:\Users\finn\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe; pid: 3856 ====================================================================== Hardware/Driver Information: Processor: 0x9 Page Size: 4096 Min App Address: 0x10000 Max App Address: 0xfffeffff Processor Mask: 0x3 Number of Processors: 2 Processor Type: 8664 Allocation Granularity: 65536 Processor Level: 6 Processor Revision: 5898 Os Version: 6.2 Os Service Pack: 0.0

het werkte weer mu nu werkt het weer niet meer - - - Updated - - - ik heb het txt bestand in de bijlagen van dit bericht gezet sfcdetails.txt

Probeer het te doen met apk bestanden die gewoon download op google en die dan op je tablet zet, dan als je zo op je tablet gezet hebt ga je naar de file browser op je tablet en zoek je de apk's, als je die gevonden hebt druk je erop en zal die waarschijnlijk vragen of je het wil installeren dan druk je op ja of accepteren en dan ben je klaar (dan heb je geen play store maar je kan bijvoorbeeld gewoon temple run apk opzoeken dan het proces hiervoor doen en dan heb je bijvoorbeeld temple run)

Misschien even scannen op malware en virussen?

ja het werkt allemaal weer

dit is de log Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2013.09.06.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 Finn :: FINNS-PC [administrator] Bescherming: Uitgeschakeld 8-9-2013 20:06:36 mbam-log-2013-09-08 (20-06-36).txt Scan type: Volledige scan (C:\|D:\|F:\|G:\|) Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 414687 Verstreken tijd: 31 minuut/minuten, 6 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)

hier heb je de logjes het zijn er 2 omdat ik het perongelijk 2 keer deed dit is de gene die ik als 1e dee: Zoek.exe Version 4.0.0.4 Updated 07-September-2013 Tool run by Finn on zo 08-09-2013 at 17:12:44,61. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Finn\Desktop\zoek\zoek.exe [script inserted] ==== Older Logs ====================== C:\zoek-results08-09-2013-1605.log 42539 bytes ==== Deleting Registry Keys ====================== HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection deleted successfully ==== EOF on zo 08-09-2013 at 17:22:41,12 ====================== en deze als 2e hoef ik waarschijnlijk niet te zeggen maarja Zoek.exe Version 4.0.0.4 Updated 07-September-2013 Tool run by Finn on zo 08-09-2013 at 17:23:22,73. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Finn\Desktop\zoek\zoek.exe [script inserted] ==== Older Logs ====================== C:\zoek-results08-09-2013-1605.log 42539 bytes C:\zoek-results08-09-2013-1722.log 605 bytes ==== EOF on zo 08-09-2013 at 17:23:55,07 ======================

dit is het logje van zoek: Zoek.exe Version 4.0.0.4 Updated 07-September-2013 Tool run by Finn on zo 08-09-2013 at 15:55:43,12. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Finn\Desktop\zoek\zoek.exe [script inserted] ==== System Restore Info ====================== 8-9-2013 15:56:30 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E9CDFE87-DAD8-4D30-80AC-73815A5DF510} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ASRockOCTuner"=- "zASRockInstantBoot"=- "ASRockIES"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection] ==== Deleting Files \ Folders ====================== "C:\Users\Finn\AppData\Roaming\Tunngle\Local.key" deleted "C:\Users\Finn\AppData\Roaming\Tunngle\Local.pub" deleted "C:\Users\Finn\AppData\Roaming\Tunngle" deleted "C:\Users\Finn\AppData\Roaming\Search Protection" deleted "C:\Users\Finn\AppData\Roaming\Search Protection" deleted "C:\ProgramData\APN" deleted "C:\ProgramData\Package Cache" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-08-09 17:41:08 8EECACB73ABE4C3B5DD79E1E1891FD50 162577 ----a-w- C:\Windows\Animated Wallpaper Maker Uninstaller.exe ====== C:\Users\Finn\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2013-08-26 11:03:26 68EF855725F65A5C3C24F78D33388F30 238352 ----a-w- C:\Windows\Sysnative\drivers\VBoxDrv.sys 2013-08-26 11:03:06 F3CF9F56C2A8AEB50EB679DC76902BE0 120080 ----a-w- C:\Windows\Sysnative\drivers\VBoxUSBMon.sys 2013-08-14 13:34:37 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys 2013-08-14 13:33:57 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-08-12 18:32:51 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2013-08-09 15:26:25 7A711D08F1FD1AB8149B6199F84A0EB7 11216160 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys 2013-08-09 15:25:11 92E4BEE1A9EC0572F794B5BAECC0B599 39712 ----a-w- C:\Windows\Sysnative\drivers\nvvad64v.sys ====== C:\Windows\Tasks ====== 2013-08-12 18:32:19 -------- d-----w- C:\Windows\Sysnative\Tasks\Safer-Networking 2013-08-10 19:22:35 7373A75F3214ECB6AA17BB843EC9FB52 2960 ----a-w- C:\Windows\Sysnative\Tasks\{1E557B1C-CD06-47AC-A839-BDBA171E5A1A} 2013-08-10 19:21:27 7373A75F3214ECB6AA17BB843EC9FB52 2960 ----a-w- C:\Windows\Sysnative\Tasks\{47904C2F-238D-48E6-B710-51BC3C9D9806} 2013-08-10 19:20:56 7373A75F3214ECB6AA17BB843EC9FB52 2960 ----a-w- C:\Windows\Sysnative\Tasks\{08A2EB4A-1B3E-43FA-969F-82264022ADE6} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-09-08 09:34:58 -------- d-----w- C:\Program Files\trend micro ======= C:\Program Files (x86) ===== 2013-08-30 09:54:05 -------- d-----w- C:\Program Files (x86)\Environment Simulating Studio 2013-08-29 16:08:32 -------- d-----w- C:\Program Files (x86)\Euro Truck Simulator 2 2013-08-29 15:55:50 -------- d-----w- C:\Program Files (x86)\Cheat Engine 6.3 2013-08-25 19:30:06 -------- d-----w- C:\Program Files (x86)\Opera 2013-08-14 09:00:59 -------- d-----w- C:\Program Files (x86)\Saints Row The Third 2013-08-12 18:31:41 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-08-09 18:01:55 -------- d-----w- C:\Program Files (x86)\VirtualDJ 2013-08-09 17:41:07 -------- d-----w- C:\Program Files (x86)\Common Files\Thraex Software 2013-08-09 17:41:07 -------- d-----w- C:\Program Files (x86)\Animated Wallpaper Maker ======= C: ===== ====== C:\Users\Finn\AppData\Roaming ====== 2013-09-07 12:58:55 DA7C1C4CBA0CDC50E056757D419A3B52 36 ----a-w- C:\users\Finn\AppData\Roaming\mbam.context.scan 2013-09-05 14:23:19 -------- d-----w- C:\users\Finn\AppData\Local\EdgeOfReality 2013-09-02 14:05:14 -------- d-----w- C:\users\Finn\AppData\Local\Arma 3 Alpha 2013-08-26 18:11:08 -------- d-----w- C:\users\Finn\AppData\Locallow\Sony Online Entertainment 2013-08-26 18:11:08 -------- d-----w- C:\users\Finn\AppData\Local\SCE 2013-08-25 19:30:08 -------- d-----w- C:\users\Finn\AppData\Roaming\Opera Software 2013-08-25 19:30:08 -------- d-----w- C:\users\Finn\AppData\Local\Opera Software 2013-08-10 19:23:34 -------- d-----w- C:\users\Finn\AppData\Local\Nem's Tools 2013-08-09 18:01:59 -------- d-----w- C:\users\Finn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ 2013-08-09 17:41:08 -------- d-----w- C:\users\Finn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Animated Wallpaper Maker ====== C:\Users\Finn ====== 2013-09-08 09:34:22 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Finn\Desktop\RSITx64.exe 2013-09-08 09:34:15 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Finn\Downloads\RSITx64.exe 2013-09-07 12:54:57 -------- d-----w- C:\ProgramData\GFACE 2013-09-06 16:25:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WB Games 2013-09-02 13:37:25 0CF1BA4E47F3C040B0AEE820F8A868B4 263565262 ----a-w- C:\Users\Finn\Downloads\ARMA_III_Alpha_patch_nosTEAM.exe 2013-08-30 09:54:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Environment Dimension 2013-08-29 16:09:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 2013-08-29 15:55:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3 2013-08-29 15:53:49 707B6F530651A1DBAA7F5D40121A8D0E 8065840 ----a-w- C:\Users\Finn\Downloads\CheatEngine63.exe 2013-08-26 11:05:24 -------- d-----w- C:\Users\Finn\VirtualBox VMs 2013-08-26 11:04:29 -------- d-----w- C:\Users\Finn\.VirtualBox 2013-08-26 11:00:50 E0A35854A22EDFF0F9D9D5658A38582A 99776784 ----a-w- C:\Users\Finn\Downloads\VirtualBox-4.2.16-86992-Win.exe 2013-08-25 19:34:55 6D4FAC78CB072237613DAF9F68F1F28B 27891222 ----a-w- C:\Users\Finn\Downloads\tor-browser-2.3.25-12_en-US.exe 2013-08-25 19:29:28 D7DD0F2889B6CB7163FAE90E93DF3C20 31026832 ----a-w- C:\Users\Finn\Downloads\Opera_15.0.1147.153_Setup.exe 2013-08-25 16:06:45 AF3DA615759D7E22B6C9CD6E9E818C72 4067176 ----a-w- C:\Users\Finn\Downloads\Tunngle_Setup_v4.5.1.2.exe 2013-08-12 18:32:16 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2013-08-12 18:31:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 ====== C: exe-files == 2013-09-08 09:34:59 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Finn.exe 2013-09-08 09:34:22 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Finn\Desktop\RSITx64.exe 2013-09-08 09:34:15 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Finn\Downloads\RSITx64.exe 2013-09-08 08:16:22 0EFD2A0808C335C86A3C62FCFB1415DA 54368 ----a-w- C:\Users\Finn\Desktop\shexview\shexview.exe 2013-09-06 16:53:16 7FC914AE446E6979416751876A79B4B0 266752 ----a-r- C:\$Recycle.Bin\S-1-5-21-1329758275-923032009-2089121907-1000\$RBNQPDG\Scribblenauts Unlimited\Launcher.exe 2013-09-06 16:24:58 06425F0A71E21E37EE5FDFA84A62AF9B 5104128 ----a-w- C:\$Recycle.Bin\S-1-5-21-1329758275-923032009-2089121907-1000\$RBNQPDG\Scribblenauts Unlimited\Scribble.exe 2013-09-06 16:23:20 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\$Recycle.Bin\S-1-5-21-1329758275-923032009-2089121907-1000\$RBNQPDG\Scribblenauts Unlimited\DirectXRedist\DXSETUP.exe 2013-09-06 16:23:17 21598B8A68FBB191200AEDB69D47CB57 716275 ----a-w- C:\$Recycle.Bin\S-1-5-21-1329758275-923032009-2089121907-1000\$RBNQPDG\Scribblenauts Unlimited\unins000.exe 2013-09-06 15:53:25 D6A62223E929358EBC5638890C4D5710 1777152 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Loadout\SubmitReport.exe 2013-09-06 15:53:25 9FC34BB5D585F09320BB799E7E29222B 15066464 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe 2013-09-06 15:23:16 B48BC95225FDD280DAC5A6C57BF5559A 2275760 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00004b67\dao.16810112.exe 2013-09-05 13:57:08 BF3F290275C21BDD3951955C9C3CF32C 517976 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Loadout\_CommonRedist\DirectX\Jun2010\DXSETUP.exe 2013-09-04 15:43:28 514FC42D49F76C16CC1839A6B9D3AC05 1611104 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.66\29.0.1547.66_29.0.1547.62_chrome_updater.exe 2013-09-04 15:18:29 E11581E3DC370632791DE54C0DF7455E 2259320 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00004ad4\dao.16798210.exe 2013-09-04 15:18:00 211226DF07F88FE163B5E63EA2189874 70144 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vvis.exe 2013-09-04 15:18:00 1974D26B426AD069FD0330C5F4E8591A 70144 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vtex.exe 2013-09-04 15:17:58 B57B2F6ABD597314475C5E7061C0ABFA 79872 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vrad.exe 2013-09-04 15:17:58 B48DA50CDAD4A9841040B6A050B7BA60 92072 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe 2013-09-04 15:17:57 8EA05090443953C237248C5AB86FA93B 134144 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\splitskybox.exe 2013-09-04 15:17:56 FB3C87A2C8D67F79A4B8DD4B3173B21E 79360 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\shadercompile.exe 2013-09-04 15:17:56 7A6BFAA6E613A54E4E6C95492BA4F04E 179200 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\captioncompiler.exe 2013-09-04 15:17:55 F9A6258880D7C98CA3A73D0A7CDAD33B 145408 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\hammer.exe 2013-09-04 15:17:55 78F0F46D360AB354C0B4961B26B52510 252416 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\glview.exe 2013-09-04 15:17:51 F058FA5C8B60AE99D93924A1B3415B5F 685056 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\pfm2tgas.exe 2013-09-04 15:17:51 ECBF8E977E8357BAC22EEC19976FB553 3322368 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\elementviewer.exe 2013-09-04 15:17:51 E9C067C451B0BB3098436DE2F427C541 737792 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\normal2ssbump.exe 2013-09-04 15:17:51 CF489298AB8575B6E577C0EC8543BB1E 2745856 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\qc_eyes.exe 2013-09-04 15:17:51 CF04B99D6C647B5AFCCF7758B9EC3A57 525824 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\hlmv.exe 2013-09-04 15:17:51 CA78B77392D4C9DD23667A9BE0B66DCE 756224 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\height2ssbump.exe 2013-09-04 15:17:51 C72EA4CF3D17A5C6E8E45E159BF49151 1775616 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\dmxedit.exe 2013-09-04 15:17:51 9464DB27CC54ADFA9163E6BC9EC8B57E 621568 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\dmxconvert.exe 2013-09-04 15:17:51 928662BDDF7644616A1FC2FFEDB90124 1520640 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vbsp.exe 2013-09-04 15:17:51 8A8C524AA9C7A096B65B8DB707AFFBFC 711168 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vpk.exe 2013-09-04 15:17:51 8591193DB998D0CB39192B78C46B2982 756224 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\mksheet.exe 2013-09-04 15:17:51 7F11D72211874D57B272AD1773E84865 357888 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\motionmapper.exe 2013-09-04 15:17:51 72C99D3BB58EE0D563D0D69B3AE1FB91 1966080 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\studiomdl.exe 2013-09-04 15:17:51 6D8BD8113509BC9EC1463AB1A19343FF 481792 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vbspinfo.exe 2013-09-04 15:17:51 45653942FEF5BF00C5D0255C948CC496 742912 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\height2normal.exe 2013-09-04 15:17:51 2AD8B8022A042D74E40C2425AD307D2D 483328 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\bspzip.exe 2013-09-04 15:17:51 1FDF2A5B563E5D7338B24F2D01AE7816 768512 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vtf2tga.exe 2013-09-04 15:17:51 036744AF6C00945A15A49082062573B4 1740800 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\hlfaceposer.exe 2013-09-03 13:28:19 BD6514920BE8395AA37087D2FFDE9EEF 1267216 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00004ac7\vops-team_fortress_2.16790368.exe 2013-09-03 13:28:08 47461B9D890C2D1C725C0B9E82C76E0C 2234864 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00004ace\dao.16790368.exe 2013-09-02 13:37:25 0CF1BA4E47F3C040B0AEE820F8A868B4 263565262 ----a-w- C:\Users\Finn\Downloads\ARMA_III_Alpha_patch_nosTEAM.exe 2013-09-02 10:00:01 FEE1C90AF84E759CBBE45C0FA9B63012 254064 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\spybotsd2-translation-frx.exe 2013-09-02 10:00:00 FEE1C90AF84E759CBBE45C0FA9B63012 254064 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\spybotsd2-translation-frx.exe 2013-09-02 09:59:59 0C68C4B59CEF048ADADCA4FC4EA6991A 17392 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDDisableProxy.exe 2013-09-02 09:59:59 0C68C4B59CEF048ADADCA4FC4EA6991A 17392 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDisableProxy.exe === C: other files == 2013-09-08 13:53:33 2EBACA5D89D5BECB1197FECBC97EFDD7 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1329758275-923032009-2089121907-1000\$IA7IZ9L.zip 2013-09-08 13:50:33 D7B842F8E99848C71BEFB062B9B22070 3754639 ----a-w- C:\$Recycle.Bin\S-1-5-21-1329758275-923032009-2089121907-1000\$RA7IZ9L.zip 2013-09-07 12:58:27 A8A229705C242FD8493D8D62481254AB 65973 ----a-w- C:\Users\Finn\Desktop\shexview.zip 2013-09-07 12:58:21 A8A229705C242FD8493D8D62481254AB 65973 ----a-w- C:\Users\Finn\Downloads\shexview.zip 2013-09-05 18:33:37 FD097BAB93F501A5055415F9E96508EC 2277 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0001.zip 2013-09-05 18:33:37 367A7716893FD4870FBBDB1CB95C016C 2267 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0001.zip 2013-09-05 18:33:36 FF658496C639E15BF892422C152512CD 2546 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0001.zip 2013-09-05 18:33:36 ECB142AF0A6BE39A8F5C172537A8C4BB 2621 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0001.zip 2013-09-05 18:33:36 E7E0F9D902EFDD4378E9F1616F2F79E7 2603 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0001.zip 2013-09-05 18:33:36 E261D9FE1A10DF8EA210DAEDD1F77846 2596 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0001.zip 2013-09-05 18:33:36 C4F9ADBFBC8A09480754557CAC4F779D 2618 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0001.zip 2013-09-05 18:33:36 8BB2A061DB4C1B00696F99EC4F45FD41 2577 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\WinRAR-0001.zip 2013-09-05 18:33:36 7AA26653D3189D69DFF2C734C8F8457E 5976 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0001.zip 2013-09-05 18:33:36 754BF984430A6C42E133197BBAAF2EF6 2706 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0001.zip 2013-09-05 18:33:36 2D9B829CFFAC364EA2C2BA304A967A9C 2651 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0001.zip 2013-09-05 18:33:36 0C0B061DDEE39D60059A6F3286C72549 2271 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0001.zip 2013-09-04 15:17:51 FD1FD353658A25D495532AB0FD6F11B0 7337896 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\itemtest.com 2013-09-02 13:06:05 80E7046625E69B0092617AD6F862FF6A 4693 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0000.zip 2013-09-02 13:06:02 54EB946A54A5D4397B1013AA238C7D95 4683 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0000.zip 2013-09-02 13:06:01 F1A6B3042EE0D6220069BAE7201021EA 5089 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip 2013-09-02 13:06:01 D626B6A3DA9EAF1885E1691C458E3D03 5119 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip 2013-09-02 13:06:01 C33A95FC8E33846AA04D70C0ADEA84AB 36890 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip 2013-09-02 13:06:01 B36EC62483E19474621FFF042D3D5072 5052 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0000.zip 2013-09-02 13:06:01 89092EA217860A28D05D6926301D0779 4686 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip 2013-09-02 13:06:01 751B3ADDA97A5BD0BC07833F0A25EACE 5018 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip 2013-09-02 13:06:01 5B2CD8D4DC5B60E2B10ED2C217B40EA0 5022 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip 2013-09-02 13:06:01 415DC39B6DD3755A0294C3A53AA9B750 5100 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\WinRAR-0000.zip 2013-09-02 13:06:01 32B53E4754A5A70722F4A4DB82B53158 5011 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip 2013-09-02 13:06:01 305DD17187C2BAA0B09EBC9C7EBC3510 5054 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Paint-0000.zip 2013-09-02 13:06:01 146558424AEF2EEA3CAB3D1124878D40 5164 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip 2013-09-02 13:06:01 133663E94FCDAFE46CB1A7FA69A0FBBD 5121 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0000.zip 2013-09-02 13:06:01 03AA52C16D68AC3A355B65F873705916 4961 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip 2013-09-02 13:06:00 4BC39AAB3766F58ECF2F9B9BD5C32BD9 4713 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\CasaleMedia-0000.zip 2013-09-02 13:06:00 3D201074196B847C177AC055ABF85E6C 4713 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0001.zip 2013-09-02 12:43:05 1C09663AB5042E801CD1C0160E27396D 55082507 ----a-w- C:\Users\Finn\Downloads\Arma3_Alpha_nosTEAM.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1000\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" [HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1002\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Starter"="C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice" "Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Clownfish] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Clownfish" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Clownfish\\Clownfish.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Lite" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LogMeIn Hamachi Ui" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\LogMeIn Hamachi\\hamachi-2-ui.exe\" --auto-start" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RESTART_STICKY_NOTES] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RESTART_STICKY_NOTES" "hkey"="HKCU" "command"="C:\\Windows\\System32\\StikyNot.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\Finn\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\Finn\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-07-2013 16:55] C:\Windows\tasks\AutoKMS.job --a------ C:\Windows\AutoKMS\AutoKMS.exe [26-06-2013 20:40] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-06-2013 20:33] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-06-2013 20:33] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Finn\AppData\Roaming\Mozilla\Firefox\Profiles\z262q5gu.default - leethax.net extension - %ProfilePath%\extensions\leethax@leethax.net.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} ==== Firefox Plugins ====================== Profilepath: C:\Users\Finn\AppData\Roaming\Mozilla\Firefox\Profiles\z262q5gu.default 0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[14-08-2013 11:12] http //www.totaljerkface.com/ - Finn - Default\Extensions\acofpjmahanncjpdfmiidfafjjgkolfm GFACE Experience Plugin - Finn - Default\Extensions\ejdlfmdbdibkbfdpjocdaolcheehmpol https //bankieren.triodos.nl/ib-seam/pages/ho - Finn - Default\Extensions\foppfknfmidokhggnfjnnemdblenooch AdBlock - Finn - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom http //www.hackforums.net/ - Finn - Default\Extensions\ifkncmdkhbbjnkgljainlbpggcldahop Skype for Chromium - Finn - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nl.search.yahoo.com?type=512435&fr=spigot-yhp-ie" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{E9CDFE87-DAD8-4D30-80AC-73815A5DF510}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9CDFE87-DAD8-4D30-80AC-73815A5DF510}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Uninstall List x64 ====================== æTorrent [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] Adobe Flash Player 11 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin] AIDA64 Extreme Edition v2.85 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AIDA64 Extreme Edition_is1] Animated Wallpaper Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Animated Wallpaper Maker] ASRock IES v2.0.61 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ASRock IES_is1] ASRock InstantBoot v1.24 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ASRock InstantBoot_is1] ASRock OC DNA v1.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ASRock OC DNA_is1] ASRock OC Tuner v2.3.54 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ASRock OC Tuner_is1] BS.Player FREE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayerf] Cheat Engine 6.3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Cheat Engine 6.3_is1] Clownfish for Skype [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Clownfish] Core Temp 1.0 RC5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1] CPU Speed Pro version 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E0E0C30A-89AF-11E0-951E-11904824019B}_is1] DAEMON Tools Lite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Lite] Driver Genius [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius_is1] ESET Smart Security [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{45CA4B17-F1C4-4058-8164-367AA349D85A}] Euro Truck Simulator 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1] FarCry 3 v1.05 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FarCry 3 v1.05] Fresco Logic USB3.0 Host Controller [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A445B6F1-C69E-4F0F-B3F8-79A5C7A6066B}] Garry's Mod [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 4000] Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] Java 7 Update 25 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217025FF}] Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] Loadout [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 208090] LogMeIn Hamachi [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0ACC2993-2058-4BE7-9A92-9DCDAA9B3412}] LogMeIn Hamachi [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LogMeIn Hamachi] Malwarebytes Anti-Malware versie 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1] Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}] Microsoft .NET Framework 4 Client Profile NLD Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4567EA14-6BCA-3EF9-859B-92CE48B1D704}] Microsoft .NET Framework 4 Extended [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}] Microsoft .NET Framework 4 Extended NLD Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{021B6358-4373-3FC0-A0B4-4709B7E0D3E5}] Microsoft Games for Windows - LIVE Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F2508213-9989-4E85-A078-72BE483917EF}] Microsoft Games for Windows Marketplace [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}] Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Office14.PROPLUS] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{a1909659-0a08-4554-8af1-2175904903a1}] Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8e70e4e1-06d7-470b-9f74-a51bef21088e}] Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{764384C5-BCA9-307C-9AAC-FD443662686A}] Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}] Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6C772996-BFF3-3C8C-860B-B3D48FF05D65}] Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}] Mozilla Firefox 23.0.1 (x86 nl) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 23.0.1 (x86 nl)] Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService] Need for Speed Most Wanted [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Need for Speed Most Wanted_R.G. Mechanics_is1] NewProject [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A72A4ACD-46E1-48B3-9174-8FCB1F29C74B}] NewsLeecher v5.0 Beta 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NewsLeecher_is1] Notepad++ [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++] NVIDIA-configuratiescherm 320.18 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] NVIDIA 3D Vision controllerstuurprogramma 320.18 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] NVIDIA 3D Vision stuurprogramma 320.18 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] NVIDIA GeForce Experience 1.6 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] NVIDIA Grafisch stuurprogramma 320.18 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}] NVIDIA PhysX systeemsoftware 9.13.0604 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] NVIDIA Stereoscopic 3D Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIAStereo] NVIDIA Update 7.2.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] NVIDIA Update Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update] NVIDIA Virtual Audio 1.2.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] NZBEE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3BFF165A-A27B-4A98-A65C-6E82A5FBF318}] NZBEE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NZBEE] Opera Stable 15.0.1147.153 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Opera 15.0.1147.153] PerformanceTest v7.0 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PerformanceTest 7_is1] QuickPar 0.9 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QuickPar] Real Environment Dimension version 1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAE84355-9B64-4B00-93B1-CCE4C8A49087}_is1] Realtek Ethernet Controller Driver For Windows 7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] Scribblenauts Unlimited [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Scribblenauts Unlimited_is1] Search Protection [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection] SHIELD Streaming [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] Skype Click to Call [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6CF2967-C81E-40C0-9815-C05774FEF120}] SkypeT 6.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}] Spotify [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotify] Spotnet [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12947715-B6F0-4597-816F-5E13FB647921}_is1] Spotnet Improver Local v2.0-rc1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Spotnet Improver Local_is1] Spybot - Search & Destroy [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1] Steam [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{048298C9-A4D3-490B-9FF9-AB023A9238F3}] Sumotori Full Version [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sumotori Full Version] Team Fortress 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 440] Virtual DJ Pro Full - Atomix Productions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Virtual DJ Pro Full - Atomix Productions] Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9B48B0AC-C813-4174-9042-476A887592C7}] WinRAR 4.20 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver] XBMC [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\XBMC] ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Finn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Finn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Finn\AppData\Local\Mozilla\Firefox\Profiles\z262q5gu.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\Finn\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Finn\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 08-09-2013 at 16:05:00,51 ====================== En dit is het logje van de malware: Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2013.09.06.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 Finn :: FINNS-PC [administrator] Bescherming: Uitgeschakeld 8-9-2013 16:09:03 mbam-log-2013-09-08 (16-09-03).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 242365 Verstreken tijd: 2 minuut/minuten, 36 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)

dit is de inhoud van de logLogfile of random's system information tool 1.09 (written by random/random) Run by Finn at 2013-09-08 11:34:58 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 128 GB (51%) free of 250 GB Total RAM: 8191 MB (74% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:35:09, on 8-9-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16660) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Finn.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Zoeken - zoeken op het web R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (file missing) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (file missing) O4 - HKLM\..\Run: [starter] C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-1329758275-923032009-2089121907-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1329758275-923032009-2089121907-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AutoKMS - Unknown owner - C:\Windows\AutoKMS\AutoKMS.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11167 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService taskeng.exe {63ED9015-C65F-4269-A428-7324691B5B39} C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe" "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" C:\Windows\SysWOW64\PnkBstrA.exe "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" "C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" WLIDSvcM.exe 2476 "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\svchost.exe -k secsvcs %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe atieclxx "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session "taskhost.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp "C:\Windows\system32\Dwm.exe" \??\C:\Windows\system32\conhost.exe "1470691417277861732719348343251264411231733411-10277288221492168649-422225866 "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe" "C:\Program Files (x86)\Steam\Steam.exe" -silent "C:\Windows\System32\StikyNot.exe" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files\Windows Media Player\wmpnetwk.exe" explorer.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="732.0.683416429\2141219229" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x0601 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2018 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control0 pct:50a m29stable:r1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="732.2.1035042450\532628909" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control0 pct:50a m29stable:r1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="732.3.2035448064\2039927123" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" --lang=nl --channel="732.7.1087623147\1655075637" /prefetch:-390060480 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control0 pct:50a m29stable:r1/ManualResetProfile/Enable/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="732.18.371577342\1332341933" /prefetch:673131151 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control0 pct:50a m29stable:r1/ManualResetProfile/Enable/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="732.29.372271576\358857864" /prefetch:673131151 C:\Windows\system32\wbem\wmiprvse.exe "C:\Users\Finn\Desktop\RSITx64.exe" C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\AutoKMS.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job =========Mozilla firefox========= ProfilePath - C:\Users\Finn\AppData\Roaming\Mozilla\Firefox\Profiles\z262q5gu.default [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.8.800.94 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.8.800.94 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL C:\Program Files (x86)\Mozilla Firefox\extensions\ {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-08-14 6311296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-08-14 4533120] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-17 10134560] "egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-12-21 6326448] "Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-07-27 1028896] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ASRockOCTuner"= [] "zASRockInstantBoot"= [] "ASRockIES"= [] "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640] "Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-08-28 1811880] "RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish] C:\Program Files (x86)\Clownfish\Clownfish.exe [2013-07-02 1276152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-06-28 2255184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [2009-07-14 427520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection] C:\Users\Finn\AppData\Roaming\Search Protection\SearchProtection.EXE [2013-05-22 740712] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify] C:\Users\Finn\AppData\Roaming\Spotify\Spotify.exe [2013-07-09 4640768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper] C:\Users\Finn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-07-09 1104384] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Starter"=C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe [] "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520] "SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2013-07-25 5624784] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-09-08 11:34:58 ----D---- C:\rsit 2013-09-08 11:34:58 ----D---- C:\Program Files\trend micro 2013-09-07 14:54:57 ----D---- C:\ProgramData\GFACE 2013-09-05 18:28:43 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-08-30 11:54:05 ----D---- C:\Program Files (x86)\Environment Simulating Studio 2013-08-29 18:08:32 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2 2013-08-29 17:55:50 ----D---- C:\Program Files (x86)\Cheat Engine 6.3 2013-08-26 13:03:26 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys 2013-08-26 13:03:06 ----DC---- C:\Windows\system32\DRVSTORE 2013-08-26 13:03:06 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys 2013-08-25 21:30:08 ----D---- C:\Users\Finn\AppData\Roaming\Opera Software 2013-08-25 21:30:06 ----D---- C:\Program Files (x86)\Opera 2013-08-25 18:21:09 ----D---- C:\Users\Finn\AppData\Roaming\Tunngle 2013-08-14 17:41:04 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-08-14 17:41:04 ----A---- C:\Windows\system32\ieui.dll 2013-08-14 17:41:03 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-08-14 17:41:03 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-08-14 17:41:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-08-14 17:41:03 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-14 17:41:03 ----A---- C:\Windows\system32\iesysprep.dll 2013-08-14 17:41:03 ----A---- C:\Windows\system32\iesetup.dll 2013-08-14 17:41:03 ----A---- C:\Windows\system32\iernonce.dll 2013-08-14 17:41:03 ----A---- C:\Windows\system32\ie4uinit.exe 2013-08-14 17:41:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-08-14 17:41:02 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-08-14 17:41:02 ----A---- C:\Windows\system32\msfeeds.dll 2013-08-14 17:41:02 ----A---- C:\Windows\system32\jscript.dll 2013-08-14 17:41:02 ----A---- C:\Windows\system32\iertutil.dll 2013-08-14 17:41:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-08-14 17:41:01 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-08-14 17:41:01 ----A---- C:\Windows\system32\urlmon.dll 2013-08-14 17:41:01 ----A---- C:\Windows\system32\jscript9.dll 2013-08-14 17:41:00 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-08-14 17:41:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-08-14 17:41:00 ----A---- C:\Windows\system32\wininet.dll 2013-08-14 17:41:00 ----A---- C:\Windows\system32\jsproxy.dll 2013-08-14 17:40:59 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-08-14 17:40:58 ----A---- C:\Windows\system32\mshtml.dll 2013-08-14 17:40:58 ----A---- C:\Windows\system32\ieframe.dll 2013-08-14 17:40:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-08-14 17:37:02 ----D---- C:\Windows\system32\MRT 2013-08-14 15:35:04 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2013-08-14 15:35:04 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2013-08-14 15:35:04 ----A---- C:\Windows\SYSWOW64\cryptnet.dll 2013-08-14 15:35:04 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2013-08-14 15:35:04 ----A---- C:\Windows\system32\wintrust.dll 2013-08-14 15:35:04 ----A---- C:\Windows\system32\cryptsvc.dll 2013-08-14 15:35:04 ----A---- C:\Windows\system32\cryptnet.dll 2013-08-14 15:35:04 ----A---- C:\Windows\system32\crypt32.dll 2013-08-14 15:34:54 ----A---- C:\Windows\SYSWOW64\tzres.dll 2013-08-14 15:34:54 ----A---- C:\Windows\system32\tzres.dll 2013-08-14 15:34:45 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL 2013-08-14 15:34:45 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll 2013-08-14 15:34:45 ----A---- C:\Windows\system32\WMVDECOD.DLL 2013-08-14 15:34:45 ----A---- C:\Windows\system32\rpcrt4.dll 2013-08-14 15:34:41 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2013-08-14 15:34:41 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2013-08-14 15:34:40 ----A---- C:\Windows\SYSWOW64\wow32.dll 2013-08-14 15:34:40 ----A---- C:\Windows\SYSWOW64\user.exe 2013-08-14 15:34:40 ----A---- C:\Windows\SYSWOW64\setup16.exe 2013-08-14 15:34:40 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2013-08-14 15:34:40 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2013-08-14 15:34:40 ----A---- C:\Windows\SYSWOW64\instnm.exe 2013-08-14 15:34:40 ----A---- C:\Windows\system32\wow64.dll 2013-08-14 15:34:40 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-08-14 15:34:40 ----A---- C:\Windows\system32\ntdll.dll 2013-08-14 15:34:37 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2013-08-14 15:33:57 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-08-14 11:00:59 ----D---- C:\Program Files (x86)\Saints Row The Third 2013-08-12 20:34:43 ----D---- C:\Users\Finn\AppData\Roaming\Malwarebytes 2013-08-12 20:32:52 ----D---- C:\ProgramData\Malwarebytes 2013-08-12 20:32:51 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-12 20:32:51 ----A---- C:\Windows\system32\drivers\mbam.sys 2013-08-12 20:32:16 ----D---- C:\ProgramData\Spybot - Search & Destroy 2013-08-12 20:31:44 ----A---- C:\Windows\system32\sdnclean64.exe 2013-08-12 20:31:41 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-08-09 20:01:55 ----D---- C:\Program Files (x86)\VirtualDJ 2013-08-09 19:41:08 ----A---- C:\Windows\Animated Wallpaper Maker Uninstaller.exe 2013-08-09 19:41:07 ----D---- C:\Program Files (x86)\Animated Wallpaper Maker 2013-08-09 17:26:25 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll 2013-08-09 17:26:25 ----A---- C:\Windows\SYSWOW64\nvopencl.dll 2013-08-09 17:26:25 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll 2013-08-09 17:26:25 ----A---- C:\Windows\SYSWOW64\NvIFR.dll 2013-08-09 17:26:25 ----A---- C:\Windows\system32\nvwgf2umx.dll 2013-08-09 17:26:25 ----A---- C:\Windows\system32\nvopencl.dll 2013-08-09 17:26:25 ----A---- C:\Windows\system32\nvoglv64.dll 2013-08-09 17:26:25 ----A---- C:\Windows\system32\NvIFR64.dll 2013-08-09 17:26:25 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys 2013-08-09 17:26:24 ----A---- C:\Windows\SYSWOW64\NvFBC.dll 2013-08-09 17:26:24 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll 2013-08-09 17:26:24 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll 2013-08-09 17:26:24 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll 2013-08-09 17:26:24 ----A---- C:\Windows\SYSWOW64\nvcuda.dll 2013-08-09 17:26:24 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll 2013-08-09 17:26:24 ----A---- C:\Windows\system32\NvFBC64.dll 2013-08-09 17:26:24 ----A---- C:\Windows\system32\nvd3dumx.dll 2013-08-09 17:26:24 ----A---- C:\Windows\system32\nvcuvid.dll 2013-08-09 17:26:24 ----A---- C:\Windows\system32\nvcuvenc.dll 2013-08-09 17:26:24 ----A---- C:\Windows\system32\nvcuda.dll 2013-08-09 17:26:24 ----A---- C:\Windows\system32\nvcompiler.dll 2013-08-09 17:25:52 ----D---- C:\NvidiaLogging 2013-08-09 17:25:11 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll 2013-08-09 17:25:11 ----A---- C:\Windows\system32\nvaudcap64v.dll 2013-08-09 17:25:11 ----A---- C:\Windows\system32\drivers\nvvad64v.sys ======List of files/folders modified in the last 1 month====== 2013-09-08 11:34:59 ----D---- C:\Windows\Temp 2013-09-08 11:34:58 ----RD---- C:\Program Files 2013-09-08 10:55:03 ----D---- C:\Program Files (x86)\Steam 2013-09-08 10:30:23 ----D---- C:\Windows\system32\config 2013-09-08 10:22:36 ----D---- C:\Windows\System32 2013-09-08 10:22:35 ----D---- C:\Windows\inf 2013-09-08 10:22:35 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-09-08 10:15:37 ----D---- C:\ProgramData\NVIDIA 2013-09-07 15:23:41 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-09-07 15:23:41 ----D---- C:\Windows\SYSWOW64\en-US 2013-09-07 15:23:41 ----D---- C:\Windows\SysWOW64 2013-09-07 15:23:41 ----D---- C:\Program Files\Internet Explorer 2013-09-07 15:23:41 ----D---- C:\Program Files (x86)\Internet Explorer 2013-09-07 14:54:57 ----HD---- C:\ProgramData 2013-09-07 14:49:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-06 19:23:39 ----D---- C:\Users\Finn\AppData\Roaming\uTorrent 2013-09-06 19:18:37 ----RD---- C:\Program Files (x86) 2013-09-06 16:31:06 ----A---- C:\Windows\ntbtlog.txt 2013-09-06 16:21:32 ----SHD---- C:\System Volume Information 2013-09-05 19:27:49 ----D---- C:\Windows\Prefetch 2013-09-05 16:22:43 ----RSD---- C:\Windows\assembly 2013-09-03 19:49:40 ----SHD---- C:\Windows\Installer 2013-09-03 19:49:37 ----RD---- C:\Program Files (x86)\Skype 2013-09-03 17:02:33 ----SD---- C:\ProgramData\Microsoft 2013-09-03 16:59:16 ----D---- C:\Windows\system32\catroot2 2013-09-02 10:18:08 ----D---- C:\Users\Finn\AppData\Roaming\XBMC 2013-08-29 17:19:35 ----D---- C:\Windows 2013-08-29 15:31:41 ----D---- C:\Users\Finn\AppData\Roaming\.minecraft 2013-08-28 14:48:30 ----D---- C:\ProgramData\Microsoft Help 2013-08-27 13:34:27 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe 2013-08-26 19:14:33 ----D---- C:\Windows\rescache 2013-08-26 13:11:16 ----D---- C:\Windows\system32\DriverStore 2013-08-26 13:11:16 ----D---- C:\Windows\system32\catroot 2013-08-26 13:11:03 ----D---- C:\Windows\system32\drivers 2013-08-26 12:42:13 ----D---- C:\Users\Finn\AppData\Roaming\BSplayer 2013-08-25 21:48:57 ----D---- C:\Users\Finn\AppData\Roaming\Spotify 2013-08-25 18:21:59 ----RSD---- C:\Windows\Fonts 2013-08-25 17:25:26 ----D---- C:\Program Files (x86)\NVIDIA Corporation 2013-08-14 20:06:39 ----D---- C:\Windows\Microsoft.NET 2013-08-14 17:56:34 ----D---- C:\Windows\winsxs 2013-08-14 17:54:26 ----D---- C:\Windows\system32\nl-NL 2013-08-14 17:54:23 ----D---- C:\Windows\AppPatch 2013-08-14 17:36:55 ----A---- C:\Windows\system32\MRT.exe 2013-08-14 15:00:07 ----D---- C:\Windows\Minidump 2013-08-12 20:32:19 ----D---- C:\Windows\system32\Tasks 2013-08-11 21:01:16 ----D---- C:\ProgramData\Package Cache 2013-08-09 19:41:07 ----D---- C:\Program Files (x86)\Common Files 2013-08-09 17:25:29 ----D---- C:\Program Files\NVIDIA Corporation ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-12-21 57904] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-06-23 283200] R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-12-21 150616] R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-12-21 59440] R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-12-21 190232] R3 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-12-21 213416] R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\DRIVERS\FLxHCIc.sys [2010-10-28 215104] R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver; C:\Windows\system32\DRIVERS\FLxHCIh.sys [2010-10-28 81984] R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-17 2298400] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-05-14 39712] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328] S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504] S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960] S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-07-04 131856] S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760] S3 winusb;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\winusb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-12-21 1333424] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-06-28 2470736] R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-07-27 14984480] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-05-12 884512] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-27 1889568] R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-14 76888] R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-05-16 1817560] R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-05-16 1033688] R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-05-15 171928] R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-14 3291008] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-05-12 413472] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-08-28 563624] S2 AutoKMS;AutoKMS; C:\Windows\AutoKMS\AutoKMS.exe [2013-06-26 732160] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-21 116648] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-14 257416] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-21 116648] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-05 117656] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-06-22 1255736] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------

dit werkt niet

dankjewel dit ga ik proberen andere suggesties zijn nog steeds welkom voor als dit niet werkt xD

als ik ops windows verkenner op deze plek (staat aangegeven op afbeelding Imageshack - 0jnk.png ) staat er windows verkenner reageert niet meer en het is geen malware denk ik want dat heb ik al gescand als ik sfc /scannow doe in cmd /k komt er uiteindelijk dit (staat op dit plaatje Imageshack - aksu.png ) ik wil dit zo graag mogelijk oplossen zonder windows opnieuw te installeren alvast bedankt