
Computer takes a very long time to start up


Wollie


Open a Notepad file.

Copy and paste the bold text below into it.

Registry::

[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]

Driver::

Partner Service

Folder::

c:\programdata\Partner

Save this file to your desktop as CFScript.

Drag CFScript.txt into ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message.


ComboFix 11-12-24.01 - wollie 24-12-2011 13:15:10.3.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4091.2972 [GMT 1:00]

Gestart vanuit: c:\users\wollie\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\wollie\Desktop\CFScript - Snelkoppeling.lnk

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-11-24 to 2011-12-24 ))))))))))))))))))))))))))))))

.

.

2011-12-24 13:10 . 2011-12-24 13:10 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-12-24 11:53 . 2011-12-24 11:53 -------- d-----w- C:\tekst

2011-12-23 19:11 . 2011-12-23 19:11 -------- d-----w- c:\programdata\Malwarebytes

2011-12-23 19:10 . 2011-08-31 16:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-23 19:10 . 2011-12-23 19:11 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-12-23 13:49 . 2011-12-23 13:49 -------- d-----w- c:\program files (x86)\Trend Micro

2011-12-23 09:02 . 2011-12-23 09:02 -------- d-----w- c:\windows\SysWow64\wbem\en-US

2011-12-23 08:58 . 2011-12-23 08:58 -------- d-----w- c:\windows\system32\wbem\en-US

2011-12-14 19:49 . 2011-12-14 19:49 -------- d-----w- c:\windows\system32\EventProviders

2011-12-14 02:06 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll

2011-12-14 01:56 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll

2011-12-14 01:56 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll

2011-12-14 01:56 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2011-12-12 16:14 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll

2011-12-12 16:14 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll

2011-12-12 16:14 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll

2011-12-12 16:14 . 2010-11-20 11:07 59392 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys

2011-12-12 16:14 . 2010-11-20 13:27 3715584 ----a-w- c:\windows\system32\mstscax.dll

2011-12-12 16:14 . 2010-11-20 13:26 1838080 ----a-w- c:\windows\system32\d3d10warp.dll

2011-12-12 16:14 . 2010-11-20 13:27 14967808 ----a-w- c:\program files\DVD Maker\OmdBase.dll

2011-12-12 16:14 . 2010-11-20 12:19 3215872 ----a-w- c:\windows\SysWow64\mstscax.dll

2011-12-12 16:14 . 2010-11-20 12:18 1171456 ----a-w- c:\windows\SysWow64\d3d10warp.dll

2011-12-12 16:14 . 2010-11-20 12:19 954752 ----a-w- c:\windows\SysWow64\mfc40.dll

2011-12-12 16:14 . 2010-11-20 12:19 954288 ----a-w- c:\windows\SysWow64\mfc40u.dll

2011-12-12 16:13 . 2010-11-20 13:27 3650560 ----a-w- c:\windows\system32\MSVidCtl.dll

2011-12-12 16:11 . 2010-11-20 13:25 902144 ----a-w- c:\windows\system32\d2d1.dll

2011-12-12 16:10 . 2010-11-05 01:57 444752 ----a-w- c:\windows\system32\mscoree.dll

2011-12-12 16:10 . 2010-11-20 13:28 1731936 ----a-w- c:\windows\system32\ntdll.dll

2011-12-12 16:09 . 2010-11-20 13:26 3205120 ----a-w- c:\windows\system32\mmcndmgr.dll

2011-12-12 16:04 . 2010-11-20 13:26 4120064 ----a-w- c:\windows\system32\mf.dll

2011-12-12 16:03 . 2010-11-20 12:18 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2011-12-12 16:02 . 2010-11-20 13:25 2058240 ----a-w- c:\windows\system32\wbem\cimwin32.dll

2011-12-12 16:02 . 2010-11-20 12:21 423936 ----a-w- c:\windows\SysWow64\secproc_isv.dll

2011-12-12 05:58 . 2010-11-20 12:17 327168 ----a-w- c:\windows\SysWow64\RMActivate_isv.exe

2011-12-12 05:56 . 2010-11-20 12:20 428032 ----a-w- c:\windows\SysWow64\secproc.dll

2011-12-12 05:56 . 2010-11-20 13:27 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll

2011-12-12 05:56 . 2010-11-20 12:17 322048 ----a-w- c:\windows\SysWow64\RMActivate.exe

2011-12-12 05:56 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll

2011-12-12 05:56 . 2010-11-05 01:58 297808 ----a-w- c:\windows\SysWow64\mscoree.dll

2011-12-12 05:56 . 2010-11-20 13:26 1340416 ----a-w- c:\windows\system32\diagperf.dll

2011-12-12 05:56 . 2010-11-20 13:26 1866240 ----a-w- c:\windows\system32\ExplorerFrame.dll

2011-12-12 05:56 . 2010-11-20 12:19 3207680 ----a-w- c:\windows\SysWow64\mf.dll

2011-12-12 05:56 . 2010-11-20 13:33 273792 ----a-w- c:\windows\system32\drivers\msiscsi.sys

2011-12-12 05:56 . 2010-11-20 13:27 1881088 ----a-w- c:\windows\system32\msxml3.dll

2011-12-12 05:55 . 2010-11-20 12:18 1334272 ----a-w- c:\windows\SysWow64\CertEnroll.dll

2011-12-12 05:55 . 2010-11-20 13:27 1326080 ----a-w- c:\windows\system32\NaturalLanguage6.dll

2011-12-12 05:54 . 2010-11-20 13:33 299392 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll

2011-12-12 05:54 . 2010-11-20 12:19 1019904 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll

2011-12-12 05:54 . 2010-11-20 13:25 4583424 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe

2011-12-12 05:53 . 2010-11-20 13:26 1544192 ----a-w- c:\windows\system32\DWrite.dll

2011-12-12 05:53 . 2010-11-05 01:53 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll

2011-12-12 05:53 . 2010-11-05 01:53 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe

2011-12-12 05:52 . 2010-11-20 13:26 828416 ----a-w- c:\windows\system32\MPSSVC.dll

2011-12-12 05:51 . 2010-11-20 13:25 1975296 ----a-w- c:\windows\system32\CertEnroll.dll

2011-12-12 05:50 . 2010-11-20 13:26 2067456 ----a-w- c:\windows\system32\d3d9.dll

2011-12-12 05:50 . 2010-11-20 13:27 754176 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll

2011-12-12 05:50 . 2010-11-20 13:27 2004480 ----a-w- c:\windows\system32\msxml6.dll

2011-12-12 05:50 . 2010-11-20 13:26 853504 ----a-w- c:\windows\system32\IKEEXT.DLL

2011-12-12 05:50 . 2010-11-20 12:21 1115136 ----a-w- c:\windows\SysWow64\RacEngn.dll

2011-12-12 05:48 . 2010-11-20 13:39 5066752 ----a-w- c:\windows\system32\AuthFWSnapin.dll

2011-12-12 05:48 . 2010-11-20 12:32 5066752 ----a-w- c:\windows\SysWow64\AuthFWSnapin.dll

2011-12-12 05:48 . 2010-11-20 13:26 777728 ----a-w- c:\windows\system32\gpsvc.dll

2011-12-12 05:47 . 2010-11-20 13:26 1137664 ----a-w- c:\windows\system32\FntCache.dll

2011-12-12 05:45 . 2010-11-20 13:26 1632256 ----a-w- c:\windows\system32\dwmcore.dll

2011-12-12 05:45 . 2010-11-20 13:26 3391488 ----a-w- c:\windows\system32\dbgeng.dll

2011-12-12 05:45 . 2010-11-20 09:25 753664 ----a-w- c:\windows\system32\drivers\http.sys

2011-12-12 05:45 . 2010-11-20 13:33 951680 ----a-w- c:\windows\system32\drivers\ndis.sys

2011-12-12 05:45 . 2010-11-20 13:25 1456128 ----a-w- c:\windows\system32\crypt32.dll

2011-12-12 05:45 . 2010-11-20 13:25 1525248 ----a-w- c:\program files\Windows Media Player\wmpnetwk.exe

2011-12-12 05:43 . 2010-11-20 12:18 1154048 ----a-w- c:\windows\SysWow64\crypt32.dll

2011-12-12 05:40 . 2010-11-20 12:17 1049600 ----a-w- c:\windows\SysWow64\mstsc.exe

2011-12-12 05:39 . 2010-11-20 13:33 376192 ----a-w- c:\windows\system32\drivers\netio.sys

2011-12-12 05:39 . 2010-11-20 13:26 317952 ----a-w- c:\windows\system32\dhcpcore.dll

2011-12-12 05:39 . 2010-11-20 13:25 1796096 ----a-w- c:\windows\system32\certmgr.dll

2011-12-12 05:38 . 2010-11-20 09:21 119296 ----a-w- c:\windows\system32\drivers\tdx.sys

2011-12-12 05:37 . 2010-11-20 12:24 1292096 ----a-w- c:\windows\SysWow64\ntdll.dll

2011-12-12 05:37 . 2010-11-20 09:23 261632 ----a-w- c:\windows\system32\drivers\netbt.sys

2011-12-12 05:36 . 2010-11-20 12:21 381440 ----a-w- c:\windows\SysWow64\wer.dll

2011-12-12 05:36 . 2010-11-20 13:27 1246720 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll

2011-12-12 05:36 . 2010-11-20 12:18 342016 ----a-w- c:\windows\SysWow64\certcli.dll

2011-12-12 05:35 . 2010-11-20 13:26 955904 ----a-w- c:\windows\system32\localspl.dll

2011-12-12 05:35 . 2010-11-20 12:17 1174016 ----a-w- c:\program files (x86)\Windows Sidebar\sidebar.exe

2011-12-12 05:35 . 2010-11-20 13:27 210944 ----a-w- c:\windows\system32\ncsi.dll

2011-12-12 05:35 . 2010-11-20 12:19 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2011-12-12 05:34 . 2010-11-20 13:27 457216 ----a-w- c:\windows\system32\msdrm.dll

2011-12-12 05:34 . 2010-11-20 12:18 1371136 ----a-w- c:\windows\SysWow64\dwmcore.dll

2011-12-12 05:33 . 2010-11-20 13:27 1509888 ----a-w- c:\windows\system32\msdtctm.dll

2011-12-12 05:32 . 2010-11-20 13:26 295936 ----a-w- c:\windows\system32\framedynos.dll

2011-12-12 05:32 . 2010-11-20 13:27 2652160 ----a-w- c:\windows\system32\netshell.dll

2011-12-12 05:31 . 2010-11-20 12:20 573440 ----a-w- c:\windows\SysWow64\odbc32.dll

2011-12-12 05:30 . 2010-11-20 13:28 459248 ----a-w- c:\windows\system32\drivers\cng.sys

2011-12-12 05:29 . 2009-07-14 01:16 61440 ----a-w- c:\windows\SysWow64\tcpmonui.dll

2011-12-11 22:54 . 2010-11-20 13:27 519680 ----a-w- c:\windows\system32\netcfgx.dll

2011-12-11 20:42 . 2010-11-20 13:24 343040 ----a-w- c:\windows\system32\lsm.exe

2011-12-11 20:42 . 2010-11-20 13:25 594432 ----a-w- c:\windows\system32\comdlg32.dll

2011-12-11 20:42 . 2010-11-20 13:26 658944 ----a-w- c:\windows\system32\dxgi.dll

2011-12-11 20:41 . 2010-11-20 12:20 1328128 ----a-w- c:\windows\SysWow64\quartz.dll

2011-12-11 20:41 . 2010-11-20 13:25 342016 ----a-w- c:\windows\system32\apphelp.dll

2011-12-11 20:41 . 2010-11-20 12:21 597504 ----a-w- c:\windows\SysWow64\TSWorkspace.dll

2011-12-11 20:41 . 2010-11-20 11:04 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2011-12-11 20:40 . 2010-11-20 13:27 749568 ----a-w- c:\program files\Common Files\System\msadc\msadce.dll

2011-12-11 20:40 . 2010-11-20 13:27 326144 ----a-w- c:\windows\system32\mswsock.dll

2011-12-11 19:00 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll

2011-12-11 19:00 . 2010-11-20 12:18 91136 ----a-w- c:\windows\SysWow64\dot3api.dll

2011-12-11 19:00 . 2010-11-20 12:21 270848 ----a-w- c:\windows\SysWow64\tsmf.dll

2011-12-11 18:54 . 2010-11-20 13:25 897536 ----a-w- c:\windows\system32\azroles.dll

2011-12-11 18:53 . 2010-11-20 12:21 351232 ----a-w- c:\windows\SysWow64\winhttp.dll

2011-12-11 18:53 . 2010-11-20 13:25 705024 ----a-w- c:\windows\system32\BFE.DLL

2011-12-11 18:53 . 2010-11-20 12:21 1667584 ----a-w- c:\windows\SysWow64\setupapi.dll

2011-12-11 18:52 . 2010-11-20 13:33 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2011-12-11 18:52 . 2010-11-20 12:18 295936 ----a-w- c:\windows\SysWow64\apphelp.dll

2011-12-11 18:52 . 2010-11-20 13:24 345088 ----a-w- c:\windows\system32\cmd.exe

2011-12-11 18:52 . 2010-11-20 13:26 281600 ----a-w- c:\windows\system32\DShowRdpFilter.dll

2011-12-11 18:52 . 2010-11-20 12:19 2291712 ----a-w- c:\windows\SysWow64\MSVidCtl.dll

2011-12-11 18:51 . 2010-11-20 13:24 653312 ----a-w- c:\windows\system32\lpksetup.exe

2011-12-11 18:51 . 2010-11-20 12:18 2522624 ----a-w- c:\windows\SysWow64\dbgeng.dll

2011-12-11 18:50 . 2010-11-20 12:20 563712 ----a-w- c:\windows\SysWow64\netlogon.dll

2011-12-11 18:50 . 2010-11-20 13:27 1101824 ----a-w- c:\program files\Common Files\System\Ole DB\oledb32.dll

2011-12-11 18:50 . 2010-11-20 12:18 522752 ----a-w- c:\windows\SysWow64\d3d11.dll

2011-12-11 18:50 . 2010-11-20 12:21 1010688 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll

2011-12-11 18:48 . 2010-11-20 13:26 235008 ----a-w- c:\windows\system32\hgprint.dll

2011-12-11 18:48 . 2010-11-20 12:19 2151936 ----a-w- c:\windows\SysWow64\mmcndmgr.dll

2011-12-11 18:46 . 2010-11-20 13:27 1727488 ----a-w- c:\program files\Windows Photo Viewer\PhotoViewer.dll

2011-12-11 18:46 . 2010-11-20 13:26 279040 ----a-w- c:\windows\system32\framedyn.dll

2011-12-11 18:46 . 2010-11-20 13:26 501248 ----a-w- c:\windows\system32\IPSECSVC.DLL

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-24 08:34 . 2011-12-24 08:34 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{60764C8F-71F4-4634-A93B-34EB442E81BD}\offreg.dll

2011-12-21 19:01 . 2011-12-21 19:01 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2011-12-21 19:01 . 2011-12-21 19:01 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2011-12-21 19:01 . 2011-12-21 19:01 76800 ----a-w- c:\windows\system32\tdc.ocx

2011-12-21 19:01 . 2011-12-21 19:01 603648 ----a-w- c:\windows\system32\vbscript.dll

2011-12-21 19:01 . 2011-12-21 19:01 160256 ----a-w- c:\windows\system32\wextract.exe

2011-12-21 19:01 . 2011-12-21 19:01 1390080 ----a-w- c:\windows\system32\wininet.dll

2011-12-15 00:34 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2011-12-15 00:34 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2011-12-04 00:00 . 2011-12-04 00:00 2560 ----a-w- c:\windows\SysWow64\drivers\nl-NL\qwavedrv.sys.mui

2011-12-04 00:00 . 2011-12-04 00:00 5632 ----a-w- c:\windows\SysWow64\drivers\nl-NL\ndiscap.sys.mui

2011-12-04 00:00 . 2011-12-04 00:00 50688 ----a-w- c:\windows\SysWow64\drivers\nl-NL\tcpip.sys.mui

2011-12-03 23:59 . 2011-12-03 23:59 16896 ----a-w- c:\windows\SysWow64\drivers\nl-NL\pacer.sys.mui

2011-12-03 23:59 . 2011-12-03 23:59 26624 ----a-w- c:\windows\SysWow64\drivers\nl-NL\bfe.dll.mui

2011-12-03 23:59 . 2011-12-03 23:59 2560 ----a-w- c:\windows\SysWow64\drivers\nl-NL\scfilter.sys.mui

2011-11-30 01:21 . 2011-12-23 15:24 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{60764C8F-71F4-4634-A93B-34EB442E81BD}\mpengine.dll

2011-11-24 04:52 . 2011-12-14 01:56 3145216 ----a-w- c:\windows\system32\win32k.sys

2011-11-05 05:32 . 2011-12-14 01:56 2048 ----a-w- c:\windows\system32\tzres.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2011-12-24_01.28.56 )))))))))))))))))))))))))))))))))))))))))

.

- 2011-12-03 18:59 . 2011-12-23 20:41 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-12-03 18:59 . 2011-12-24 10:12 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-12-03 18:58 . 2011-12-23 20:41 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-12-03 18:58 . 2011-12-24 10:12 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2011-12-24 10:12 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2011-12-23 20:41 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-12-24 13:08 . 2011-12-24 13:08 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\621b2f176909228deae402a6031e7420\Microsoft.WSMan.Runtime.ni.dll

+ 2011-12-24 13:08 . 2011-12-24 13:08 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\ecd29eb2eda46acfda1229f8362f60e9\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll

+ 2011-12-24 13:07 . 2011-12-24 13:07 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\d77eafc89b58f5466b7555d89a293c50\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll

+ 2011-12-24 13:08 . 2011-12-24 13:08 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\c1e58a266d600248f08dca600457e346\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll

+ 2011-12-24 13:08 . 2011-12-24 13:08 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\9f1ca68fbcefac4ef4f13e5f5604ad82\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll

+ 2011-12-24 13:08 . 2011-12-24 13:08 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\8260ae5a7d4a7e7cd907c958858da284\Microsoft.Windows.Diagnosis.SDHost.ni.dll

+ 2011-12-24 13:08 . 2011-12-24 13:08 70144 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\371120a0816ba5ce909b8e1341da376f\Microsoft.Windows.Diagnosis.SDEngine.ni.dll

+ 2011-12-24 12:23 . 2011-12-24 12:23 65536 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\866c57c6e58cbe8249b36f21ec8ac18a\Microsoft.MediaCenter.iTv.Hosting.ni.dll

+ 2011-12-24 12:47 . 2011-12-24 12:47 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\584f193ae53236bf55cd78b246214d83\LoadMxf.ni.exe

+ 2011-12-24 12:23 . 2011-12-24 12:23 49664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUPnP\50cda8ab4cd566b222342c3da14302d3\ehiUPnP.ni.dll

+ 2011-12-24 12:23 . 2011-12-24 12:23 93184 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiTVMSMusic\fae9950502b5464108feda9d64ebea78\ehiTVMSMusic.ni.dll

+ 2011-12-24 12:14 . 2011-12-24 12:14 28672 c:\windows\assembly\NativeImages_v2.0.50727_64\dfsvc\7de9a8137a33d06dad01c8405d960037\dfsvc.ni.exe

- 2011-12-24 01:08 . 2011-12-24 01:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2011-12-24 08:08 . 2011-12-24 08:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2011-12-24 01:08 . 2011-12-24 01:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2011-12-24 08:08 . 2011-12-24 08:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-07-14 05:01 . 2011-12-24 07:34 311288 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 05:01 . 2011-12-24 00:39 311288 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2011-12-24 13:03 . 2011-12-24 13:03 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\93585639099b0e1b8280eb528fb12c0b\UIAutomationClient.ni.dll

+ 2011-12-24 12:25 . 2011-12-24 12:25 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP72F3.tmp\Microsoft.MediaCenter.ITVVM.dll

+ 2011-12-24 12:14 . 2011-12-24 12:14 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\7b701647e76dc015ef7574b789abac7b\System.Messaging.ni.dll

+ 2011-12-24 12:14 . 2011-12-24 12:14 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\ab72e394c92f57172be9a9d29be90e90\System.IdentityModel.Selectors.ni.dll

+ 2011-12-24 12:14 . 2011-12-24 12:14 349184 c:\windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\d912b15f4aaac2455b690f6e477a67b1\SMDiagnostics.ni.dll

+ 2011-12-24 13:09 . 2011-12-24 13:10 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\d1f466e30784f97cdb0df13554276dd5\napsnap.ni.dll

+ 2011-12-24 13:09 . 2011-12-24 13:09 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\864f48b66cc44fcc43b7a40bc2ccb3cd\napinit.ni.dll

+ 2011-12-24 13:09 . 2011-12-24 13:09 175104 c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\fd2464358cddfa04f46d55b9153249e3\naphlpr.ni.dll

+ 2011-12-24 13:09 . 2011-12-24 13:09 127488 c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\717cc07bafa8f50a6f87be383fa9018b\napcrypt.ni.dll

+ 2011-12-24 13:08 . 2011-12-24 13:08 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\1b9e231c729d1e59a4610531e0314c6d\MSBuild.ni.exe

+ 2011-12-24 12:46 . 2011-12-24 12:46 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\091f53e39941f5371814cc96d71729a3\MMCFxCommon.ni.dll

+ 2011-12-24 13:08 . 2011-12-24 13:08 681984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\8f7d31b01ed5d655fd5c48117453f960\Microsoft.WSMan.Management.ni.dll

+ 2011-12-24 13:08 . 2011-12-24 13:08 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\520f7ea348d330647c204acc32afadae\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll

+ 2011-12-24 12:59 . 2011-12-24 12:59 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\3c37f454edf0064bb10747920ae0be9d\Microsoft.Vsa.ni.dll

+ 2011-12-24 13:06 . 2011-12-24 13:06 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\3bdebcf5831c9f66c55e7b650713b2e9\Microsoft.Transactions.Bridge.Dtc.ni.dll

+ 2011-12-24 13:00 . 2011-12-24 13:00 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f616652a9327d4f41f9adc33aedd8feb\Microsoft.PowerShell.Commands.Diagnostics.ni.dll

+ 2011-12-24 13:02 . 2011-12-24 13:02 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\9e3b197d73893a55ec7bf4d4dda692e2\Microsoft.PowerShell.ConsoleHost.ni.dll

+ 2011-12-24 13:06 . 2011-12-24 13:06 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\7bba925a067b6efc53e6e4ea3c458dc0\Microsoft.PowerShell.Security.ni.dll

+ 2011-12-24 13:05 . 2011-12-24 13:05 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\608d7a44baf1367d7f4b8aa8e96e3d82\Microsoft.PowerShell.GraphicalHost.ni.dll

+ 2011-12-24 12:38 . 2011-12-24 12:38 370176 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\c9b6a9b9a26ac6d9d3575cda488172ce\Microsoft.MediaCenter.Playback.ni.dll

+ 2011-12-24 12:24 . 2011-12-24 12:24 522240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\c0673b635e9f01e3084c383e1cc689e5\Microsoft.MediaCenter.Interop.ni.dll

+ 2011-12-24 12:38 . 2011-12-24 12:38 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\a743124afb874ab00d713ab50a7d850d\Microsoft.MediaCenter.ITVVM.ni.dll

+ 2011-12-24 12:43 . 2011-12-24 12:43 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\a4bde939b3d8da9baf5939b9e62d9ef7\Microsoft.MediaCenter.iTv.ni.dll

+ 2011-12-24 12:43 . 2011-12-24 12:43 219648 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\7de5318ee2be8e2b8fcffde83c79ab7c\Microsoft.MediaCenter.iTv.Media.ni.dll

+ 2011-12-24 12:56 . 2011-12-24 12:56 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\53074205d60375dc33155586a27d07eb\Microsoft.MediaCenter.Mheg.ni.dll

+ 2011-12-24 12:40 . 2011-12-24 12:40 965632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\377d824dde728ce28d61ef522c3be808\Microsoft.MediaCenter.Sports.ni.dll

+ 2011-12-24 12:45 . 2011-12-24 12:45 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\e1b7ce3acfe6f344c39e96d33637c4af\Microsoft.ManagementConsole.ni.dll

+ 2011-12-24 12:54 . 2011-12-24 12:54 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\a1a7ca0c475f607d60d4c8c17b5049af\Microsoft.Build.Utilities.ni.dll

+ 2011-12-24 12:54 . 2011-12-24 12:54 244736 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\8eda32beeba1d8dff2848edce97f15b3\Microsoft.Build.Utilities.v3.5.ni.dll

+ 2011-12-24 12:48 . 2011-12-24 12:48 142336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\9f5bcff6a0b169efa6b607efd8789ea9\Microsoft.Build.Framework.ni.dll

+ 2011-12-24 12:48 . 2011-12-24 12:48 121344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\0ef8fa5e835e9ae9fd9a20e5d5058460\Microsoft.Build.Framework.ni.dll

+ 2011-12-24 12:48 . 2011-12-24 12:48 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\0c7a36fa5c4a99e157201a67c10ba344\Microsoft.Build.Conversion.v3.5.ni.dll

+ 2011-12-24 12:48 . 2011-12-24 12:48 107008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft-Windows-H#\77b758c083ce18f7ff9c262e4f6291e4\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll

+ 2011-12-24 12:43 . 2011-12-24 12:43 380928 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\a37f126e2b6bbb6f476c0d14399949b0\Mcx2Dvcs.ni.dll

+ 2011-12-24 12:48 . 2011-12-24 12:48 547328 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\99229f50cf34d755c07c74f5d7e88803\mcupdate.ni.exe

+ 2011-12-24 12:21 . 2011-12-24 12:21 533504 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\22e35c0c53328cbd317a395f81ce7122\mcstoredb.ni.dll

+ 2011-12-24 12:48 . 2011-12-24 12:48 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\4dce2da44e40d021caecb8243667718e\mcplayerinterop.ni.dll

+ 2011-12-24 12:48 . 2011-12-24 12:48 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\9376158dbb6294a55db5b75cf78a06a4\mcGlidHostObj.ni.dll

+ 2011-12-24 12:48 . 2011-12-24 12:48 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\MCESidebarCtrl\b8735694a594d872e3b89050c3883f5c\MCESidebarCtrl.ni.dll

+ 2011-12-24 12:45 . 2011-12-24 12:45 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\e96db8294b247cffcbd2df3cde0ece40\EventViewer.ni.dll

+ 2011-12-24 12:17 . 2011-12-24 12:17 969216 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\d8fcbbc454183dbd4883686dce6fb198\ehRecObj.ni.dll

+ 2011-12-24 12:23 . 2011-12-24 12:23 661504 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\87f11d95ab10469f888fd76c45f9fceb\ehiWUapi.ni.dll

+ 2011-12-24 12:23 . 2011-12-24 12:23 933888 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\a24c79d19a6d2a3e8ca587ecddd3e735\ehiwmp.ni.dll

+ 2011-12-24 12:16 . 2011-12-24 12:16 145408 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUserXp\0de7a02857c6041bc2c86c1db3ca8c23\ehiUserXp.ni.dll

+ 2011-12-24 12:23 . 2011-12-24 12:23 196096 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\421eb174f94249cf6a3b9e517baa82f8\ehiiTv.ni.dll

+ 2011-12-24 12:22 . 2011-12-24 12:22 397824 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\d5bf6f8e9e3d08d407ed68b714c268ae\ehiExtens.ni.dll

+ 2011-12-24 12:22 . 2011-12-24 12:22 110080 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiBmlDataCarousel\b55c3bb24dda0acda2bc332cc3016f75\ehiBmlDataCarousel.ni.dll

+ 2011-12-24 12:22 . 2011-12-24 12:22 125440 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiActivScp\fa493e64ca63def1a404a0d4b44cdefc\ehiActivScp.ni.dll

+ 2011-12-24 12:15 . 2011-12-24 12:15 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\88c5012f9a84d220dc4d413c7935dd07\ehExtHost.ni.exe

+ 2011-12-24 12:14 . 2011-12-24 12:14 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\574c597861e298e143212535dc1e19ec\ehCIR.ni.dll

+ 2011-12-24 12:14 . 2011-12-24 12:14 348672 c:\windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\1e040217cf674c6cf528fbfe18c4c2f8\CustomMarshalers.ni.dll

+ 2011-12-24 11:22 . 2011-12-24 11:22 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\6ccad398816b1569afb2a7fcbd49bf42\ComSvcConfig.ni.exe

+ 2011-12-24 09:26 . 2011-12-24 09:26 971264 c:\windows\assembly\NativeImages_v2.0.50727_64\BDATunePIA\e938d38129512db210e2bc77214849d5\BDATunePIA.ni.dll

+ 2011-12-13 16:09 . 2011-12-24 07:34 1698840 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2048918017-116004491-448208954-1000-8192.dat

+ 2011-12-24 12:14 . 2011-12-24 12:14 3073536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\1377c29b871c7eb768769b5f4bdbb15d\System.Runtime.Serialization.ni.dll

+ 2011-12-24 12:59 . 2011-12-24 12:59 1472000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\2fb0402632ad5e804276ac653a95ef80\System.Management.ni.dll

+ 2011-12-24 12:14 . 2011-12-24 12:14 1444352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\4b0d5f66812e9eba4c647e5441016675\System.IdentityModel.ni.dll

+ 2011-12-24 13:00 . 2011-12-24 13:00 3315200 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\eed0dd8cdc46206a76e8c23872fc0787\System.Core.ni.dll

+ 2011-12-24 13:08 . 2011-12-24 13:08 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\487581cba0779ee130e354096f40edd1\MMCEx.ni.dll

+ 2011-12-24 12:47 . 2011-12-24 12:47 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\304a3a2c6d63d1ec93f6bcb9397f3078\MIGUIControls.ni.dll

+ 2011-12-24 13:07 . 2011-12-24 13:07 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\f26be213e57cd2abecbcf0d25f2f7954\Microsoft.VisualBasic.ni.dll

+ 2011-12-24 12:14 . 2011-12-24 12:14 1598976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\014c1c5365a633b4202b23ed09f7599c\Microsoft.Transactions.Bridge.ni.dll

+ 2011-12-24 13:04 . 2011-12-24 13:04 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\d980c42341a396f0980115c80d18ab57\Microsoft.PowerShell.GPowerShell.ni.dll

+ 2011-12-24 13:00 . 2011-12-24 13:00 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6f0bbc912ec21fad139214ca4578a7ed\Microsoft.PowerShell.Commands.Management.ni.dll

+ 2011-12-24 13:01 . 2011-12-24 13:01 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\3ee5d92f3782e7d9a59323caeb58e0ca\Microsoft.PowerShell.Commands.Utility.ni.dll

+ 2011-12-24 13:03 . 2011-12-24 13:03 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\0bffc2eeaf9544a9ea24691e9d572438\Microsoft.PowerShell.Editor.ni.dll

+ 2011-12-24 12:15 . 2011-12-24 12:15 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\df43c4f0ad6dbabce22089e305fa2a46\Microsoft.MediaCenter.ni.dll

+ 2011-12-24 12:16 . 2011-12-24 12:16 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\de245e928d08b5c295917878e23b252c\Microsoft.MediaCenter.UI.ni.dll

+ 2011-12-24 12:39 . 2011-12-24 12:39 1170432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\ae64957bd11cb42df95fb949e690980c\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll

+ 2011-12-24 12:24 . 2011-12-24 12:24 1142784 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\70a990f97a3295782d195bcb052eb69f\Microsoft.MediaCenter.Shell.ni.dll

+ 2011-12-24 12:56 . 2011-12-24 12:56 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\5387155d434c05c803a99ccc94aef146\Microsoft.MediaCenter.Bml.ni.dll

+ 2011-12-24 12:59 . 2011-12-24 12:59 3213312 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\b733f33cc6a07e4cd5bed494cf536af1\Microsoft.JScript.ni.dll

+ 2011-12-24 12:55 . 2011-12-24 12:55 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\ea8f48f12613578b64bd9077bdae4c31\Microsoft.Ink.ni.dll

+ 2011-12-24 12:54 . 2011-12-24 12:54 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\f298e576c8e06073fe2310ccf0756396\Microsoft.Build.Tasks.ni.dll

+ 2011-12-24 12:54 . 2011-12-24 12:54 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\9f6d2a67a43f90c37d475d9eb433e98b\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2011-12-24 12:48 . 2011-12-24 12:48 1137152 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\c8205ffff2cc4dea7093b8c59c3b5a3a\Microsoft.Build.Engine.ni.dll

+ 2011-12-24 12:48 . 2011-12-24 12:48 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\a288688a887e392b713bb459110507c1\Microsoft.Build.Engine.ni.dll

+ 2011-12-24 12:20 . 2011-12-24 12:20 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\9fb794b6ac9dc760681ba3b485996b97\mcstore.ni.dll

+ 2011-12-24 12:19 . 2011-12-24 12:19 4088320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcepg\2980298bb4b3f3c844523562d74b0854\mcepg.ni.dll

+ 2011-12-24 12:21 . 2011-12-24 12:21 2165248 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiVidCtl\e6a702f8ccd27dcdcf09008531ab40e5\ehiVidCtl.ni.dll

+ 2011-12-24 12:15 . 2011-12-24 12:15 1201664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\17d0b71391bf67c5a663b140b9a7a936\ehiProxy.ni.dll

+ 2011-12-24 12:14 . 2011-12-24 12:14 23913984 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\4ae2cc43ea27f162942af679bf0eaaf8\System.ServiceModel.ni.dll

+ 2011-12-24 12:57 . 2011-12-24 12:57 11900928 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\2cafbf62a43038d57239173614435a88\System.Management.Automation.ni.dll

+ 2011-12-24 12:42 . 2011-12-24 12:42 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\c03fb13c164087d7198b2a9cb6e39daf\ehshell.ni.dll

.

-- Snapshot teruggezet naar huidige datum --

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]

2009-08-22 05:41 433648 ----a-w- c:\programdata\Partner\Partner.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2009-08-07 09:18 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@="Service"

.

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-08-18 796192]

R2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496]

R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 135664]

R2 IGBASVC;EgisTec Service;c:\program files (x86)\Acer Bio Protection\BASVC.exe [2009-08-06 3450368]

R2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-08-07 311592]

R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-21 62720]

R3 cpuz134;cpuz134;c:\users\wollie\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 135664]

R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]

R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2009-08-22 332272]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]

R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]

S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]

S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys [x]

S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]

S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]

S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]

S3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\DRIVERS\hidshim.sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]

S3 nuvotonhidgeneric;Nuvoton EC Generic HID;c:\windows\system32\DRIVERS\nuvotonhidgeneric.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2011-12-24 c:\windows\Tasks\Acer Registration Data Sending.job

- c:\program files (x86)\Acer\Registration\GREG.exe [2009-07-31 06:55]

.

2011-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 19:21]

.

2011-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 19:21]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]

2009-08-22 05:41 750064 ----a-w- c:\programdata\Partner\Partner64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2009-08-07 09:19 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-06 8060960]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-28 16334880]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.startpagina.nl/

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_7738&r=27361211z306l03e8z1k5t68l1w262

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

TCP: DhcpNameServer = 213.109.127.1 89.188.26.77 212.178.149.250

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2011-12-24 14:28:56

ComboFix-quarantined-files.txt 2011-12-24 13:28

ComboFix2.txt 2011-12-24 03:39

.

Pre-Run: 583.404.421.120 bytes beschikbaar

Post-Run: 583.203.282.944 bytes beschikbaar

.

- - End Of File - - C011D1F8EB77686708E52B171EA5EFCC


Gestart vanuit: c:\users\wollie\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\wollie\Desktop\CFScript - Snelkoppeling.lnk

You did not follow the procedure correctly.

It was stated that you had to save ComboFix to your desktop when downloading it, and apparently you did not do that.

What you need to do now is move the file CFScript.txt from your desktop to the folder c:\users\wollie\Downloads.

Then open the folder c:\users\wollie\Downloads and drag the file CFScript.txt onto ComboFix.exe there.

This will start ComboFix and carry out the instructions in the script. Restart if you are asked to.

After the restart, post the contents of Combofix.txt in your next message.


Here is the new log:

ComboFix 11-12-26.03 - wollie 27-12-2011 11:32:28.4.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4091.2966 [GMT 1:00]

Gestart vanuit: c:\users\wollie\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\wollie\Downloads\CFScript.txt

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Partner

c:\programdata\Partner\debug.log

c:\programdata\Partner\Partner.dll

c:\programdata\Partner\Partner.exe

c:\programdata\Partner\Partner64.dll

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_Partner Service

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-11-27 to 2011-12-27 ))))))))))))))))))))))))))))))

.

.

2011-12-27 10:48 . 2011-12-27 10:48 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-12-24 13:49 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll

2011-12-24 13:49 . 2011-02-19 12:04 1544192 ----a-w- c:\windows\system32\DWrite.dll

2011-12-24 13:49 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll

2011-12-24 13:49 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll

2011-12-24 13:49 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2011-12-24 11:53 . 2011-12-24 11:53 -------- d-----w- C:\tekst

2011-12-23 19:11 . 2011-12-23 19:11 -------- d-----w- c:\programdata\Malwarebytes

2011-12-23 19:10 . 2011-08-31 16:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-23 19:10 . 2011-12-23 19:11 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-12-23 13:49 . 2011-12-23 13:49 -------- d-----w- c:\program files (x86)\Trend Micro

2011-12-23 09:02 . 2011-12-23 09:02 -------- d-----w- c:\windows\SysWow64\wbem\en-US

2011-12-23 08:58 . 2011-12-23 08:58 -------- d-----w- c:\windows\system32\wbem\en-US

2011-12-14 19:49 . 2011-12-14 19:49 -------- d-----w- c:\windows\system32\EventProviders

2011-12-14 02:06 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll

2011-12-14 01:56 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll

2011-12-14 01:56 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll

2011-12-14 01:56 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2011-12-12 16:14 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll

2011-12-12 16:14 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll

2011-12-12 16:14 . 2010-11-20 11:07 59392 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys

2011-12-12 16:14 . 2010-11-20 13:26 1838080 ----a-w- c:\windows\system32\d3d10warp.dll

2011-12-12 16:14 . 2010-11-20 13:27 14967808 ----a-w- c:\program files\DVD Maker\OmdBase.dll

2011-12-12 16:14 . 2010-11-20 12:19 3215872 ----a-w- c:\windows\SysWow64\mstscax.dll

2011-12-12 16:14 . 2010-11-20 12:18 1171456 ----a-w- c:\windows\SysWow64\d3d10warp.dll

2011-12-12 16:14 . 2010-11-20 12:19 954752 ----a-w- c:\windows\SysWow64\mfc40.dll

2011-12-12 16:14 . 2010-11-20 12:19 954288 ----a-w- c:\windows\SysWow64\mfc40u.dll

2011-12-12 16:02 . 2010-11-20 13:25 2058240 ----a-w- c:\windows\system32\wbem\cimwin32.dll

2011-12-12 16:02 . 2010-11-20 12:21 423936 ----a-w- c:\windows\SysWow64\secproc_isv.dll

2011-12-12 05:58 . 2010-11-20 12:17 327168 ----a-w- c:\windows\SysWow64\RMActivate_isv.exe

2011-12-12 05:56 . 2010-11-20 12:20 428032 ----a-w- c:\windows\SysWow64\secproc.dll

2011-12-12 05:56 . 2010-11-20 13:27 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll

2011-12-12 05:56 . 2010-11-20 12:17 322048 ----a-w- c:\windows\SysWow64\RMActivate.exe

2011-12-12 05:56 . 2010-11-05 01:58 297808 ----a-w- c:\windows\SysWow64\mscoree.dll

2011-12-12 05:56 . 2010-11-20 13:26 1340416 ----a-w- c:\windows\system32\diagperf.dll

2011-12-12 05:56 . 2010-11-20 13:26 1866240 ----a-w- c:\windows\system32\ExplorerFrame.dll

2011-12-12 05:56 . 2010-11-20 12:19 3207680 ----a-w- c:\windows\SysWow64\mf.dll

2011-12-12 05:56 . 2010-11-20 13:33 273792 ----a-w- c:\windows\system32\drivers\msiscsi.sys

2011-12-12 05:55 . 2010-11-20 12:18 1334272 ----a-w- c:\windows\SysWow64\CertEnroll.dll

2011-12-12 05:54 . 2010-11-20 12:19 1019904 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll

2011-12-12 05:54 . 2010-11-20 13:25 4583424 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe

2011-12-12 05:53 . 2010-11-05 01:53 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll

2011-12-12 05:53 . 2010-11-05 01:53 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe

2011-12-12 05:51 . 2010-11-20 13:25 1975296 ----a-w- c:\windows\system32\CertEnroll.dll

2011-12-12 05:50 . 2010-11-20 13:26 2067456 ----a-w- c:\windows\system32\d3d9.dll

2011-12-12 05:50 . 2010-11-20 13:26 853504 ----a-w- c:\windows\system32\IKEEXT.DLL

2011-12-12 05:50 . 2010-11-20 12:21 1115136 ----a-w- c:\windows\SysWow64\RacEngn.dll

2011-12-12 05:48 . 2010-11-20 13:39 5066752 ----a-w- c:\windows\system32\AuthFWSnapin.dll

2011-12-12 05:48 . 2010-11-20 12:32 5066752 ----a-w- c:\windows\SysWow64\AuthFWSnapin.dll

2011-12-12 05:48 . 2010-11-20 13:26 777728 ----a-w- c:\windows\system32\gpsvc.dll

2011-12-12 05:45 . 2010-11-20 13:26 1632256 ----a-w- c:\windows\system32\dwmcore.dll

2011-12-12 05:45 . 2010-11-20 13:26 3391488 ----a-w- c:\windows\system32\dbgeng.dll

2011-12-12 05:45 . 2010-11-20 09:25 753664 ----a-w- c:\windows\system32\drivers\http.sys

2011-12-12 05:45 . 2010-11-20 13:33 951680 ----a-w- c:\windows\system32\drivers\ndis.sys

2011-12-12 05:45 . 2010-11-20 13:25 1456128 ----a-w- c:\windows\system32\crypt32.dll

2011-12-12 05:45 . 2010-11-20 13:25 1525248 ----a-w- c:\program files\Windows Media Player\wmpnetwk.exe

2011-12-12 05:43 . 2010-11-20 12:18 1154048 ----a-w- c:\windows\SysWow64\crypt32.dll

2011-12-12 05:40 . 2010-11-20 12:17 1049600 ----a-w- c:\windows\SysWow64\mstsc.exe

2011-12-12 05:39 . 2010-11-20 13:33 376192 ----a-w- c:\windows\system32\drivers\netio.sys

2011-12-12 05:39 . 2010-11-20 13:26 317952 ----a-w- c:\windows\system32\dhcpcore.dll

2011-12-12 05:39 . 2010-11-20 13:25 1796096 ----a-w- c:\windows\system32\certmgr.dll

2011-12-12 05:38 . 2010-11-20 09:21 119296 ----a-w- c:\windows\system32\drivers\tdx.sys

2011-12-12 05:37 . 2010-11-20 12:24 1292096 ----a-w- c:\windows\SysWow64\ntdll.dll

2011-12-12 05:37 . 2010-11-20 09:23 261632 ----a-w- c:\windows\system32\drivers\netbt.sys

2011-12-12 05:36 . 2010-11-20 12:21 381440 ----a-w- c:\windows\SysWow64\wer.dll

2011-12-12 05:36 . 2010-11-20 13:27 1246720 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll

2011-12-12 05:36 . 2010-11-20 12:18 342016 ----a-w- c:\windows\SysWow64\certcli.dll

2011-12-12 05:35 . 2010-11-20 12:17 1174016 ----a-w- c:\program files (x86)\Windows Sidebar\sidebar.exe

2011-12-12 05:35 . 2010-11-20 12:19 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2011-12-12 05:34 . 2010-11-20 12:18 1371136 ----a-w- c:\windows\SysWow64\dwmcore.dll

2011-12-12 05:32 . 2010-11-20 13:26 295936 ----a-w- c:\windows\system32\framedynos.dll

2011-12-12 05:31 . 2010-11-20 12:20 573440 ----a-w- c:\windows\SysWow64\odbc32.dll

2011-12-12 05:30 . 2010-11-20 13:28 459248 ----a-w- c:\windows\system32\drivers\cng.sys

2011-12-12 05:29 . 2009-07-14 01:16 61440 ----a-w- c:\windows\SysWow64\tcpmonui.dll

2011-12-11 20:42 . 2010-11-20 13:25 594432 ----a-w- c:\windows\system32\comdlg32.dll

2011-12-11 20:42 . 2010-11-20 13:26 658944 ----a-w- c:\windows\system32\dxgi.dll

2011-12-11 20:41 . 2010-11-20 12:20 1328128 ----a-w- c:\windows\SysWow64\quartz.dll

2011-12-11 20:41 . 2010-11-20 13:25 342016 ----a-w- c:\windows\system32\apphelp.dll

2011-12-11 20:41 . 2010-11-20 12:21 597504 ----a-w- c:\windows\SysWow64\TSWorkspace.dll

2011-12-11 20:41 . 2010-11-20 11:04 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2011-12-11 19:00 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll

2011-12-11 19:00 . 2010-11-20 12:18 91136 ----a-w- c:\windows\SysWow64\dot3api.dll

2011-12-11 19:00 . 2010-11-20 12:21 270848 ----a-w- c:\windows\SysWow64\tsmf.dll

2011-12-11 18:54 . 2010-11-20 13:25 897536 ----a-w- c:\windows\system32\azroles.dll

2011-12-11 18:53 . 2010-11-20 12:21 351232 ----a-w- c:\windows\SysWow64\winhttp.dll

2011-12-11 18:53 . 2010-11-20 13:25 705024 ----a-w- c:\windows\system32\BFE.DLL

2011-12-11 18:53 . 2010-11-20 12:21 1667584 ----a-w- c:\windows\SysWow64\setupapi.dll

2011-12-11 18:52 . 2010-11-20 13:33 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2011-12-11 18:52 . 2010-11-20 12:18 295936 ----a-w- c:\windows\SysWow64\apphelp.dll

2011-12-11 18:52 . 2010-11-20 13:24 345088 ----a-w- c:\windows\system32\cmd.exe

2011-12-11 18:52 . 2010-11-20 13:26 281600 ----a-w- c:\windows\system32\DShowRdpFilter.dll

2011-12-11 18:52 . 2010-11-20 12:19 2291712 ----a-w- c:\windows\SysWow64\MSVidCtl.dll

2011-12-11 18:51 . 2010-11-20 12:18 2522624 ----a-w- c:\windows\SysWow64\dbgeng.dll

2011-12-11 18:50 . 2010-11-20 12:20 563712 ----a-w- c:\windows\SysWow64\netlogon.dll

2011-12-11 18:50 . 2010-11-20 12:18 522752 ----a-w- c:\windows\SysWow64\d3d11.dll

2011-12-11 18:50 . 2010-11-20 12:21 1010688 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll

2011-12-11 18:49 . 2010-11-20 12:20 406528 ----a-w- c:\windows\SysWow64\netcfgx.dll

2011-12-11 18:49 . 2010-11-20 13:34 215936 ----a-w- c:\windows\system32\drivers\vhdmp.sys

2011-12-11 18:49 . 2010-11-20 12:21 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL

2011-12-11 18:49 . 2010-11-20 12:21 314880 ----a-w- c:\windows\SysWow64\webio.dll

2011-12-11 18:49 . 2010-11-20 12:21 1363456 ----a-w- c:\windows\SysWow64\Query.dll

2011-12-11 18:49 . 2010-11-20 12:21 1175040 ----a-w- c:\windows\SysWow64\WsmSvc.dll

2011-12-11 18:49 . 2010-11-20 12:21 206848 ----a-w- c:\windows\SysWow64\upnp.dll

2011-12-11 18:49 . 2010-11-20 12:18 640512 ----a-w- c:\windows\SysWow64\advapi32.dll

2011-12-11 18:49 . 2010-11-20 12:21 224256 ----a-w- c:\windows\SysWow64\schannel.dll

2011-12-11 18:49 . 2010-11-20 12:18 252928 ----a-w- c:\windows\SysWow64\DShowRdpFilter.dll

2011-12-11 18:48 . 2010-11-20 13:26 235008 ----a-w- c:\windows\system32\hgprint.dll

2011-12-11 18:48 . 2010-11-20 12:19 2151936 ----a-w- c:\windows\SysWow64\mmcndmgr.dll

2011-12-11 18:46 . 2010-11-20 13:27 1727488 ----a-w- c:\program files\Windows Photo Viewer\PhotoViewer.dll

2011-12-11 18:46 . 2010-11-20 13:26 279040 ----a-w- c:\windows\system32\framedyn.dll

2011-12-11 18:45 . 2010-11-20 13:25 296448 ----a-w- c:\windows\system32\AudioSes.dll

2011-12-11 18:45 . 2010-11-20 13:24 689152 ----a-w- c:\windows\system32\FXSSVC.exe

2011-12-11 18:45 . 2010-11-20 13:25 412160 ----a-w- c:\windows\system32\aepdu.dll

2011-12-11 18:44 . 2010-11-20 12:17 302592 ----a-w- c:\windows\SysWow64\cmd.exe

2011-12-11 18:44 . 2010-11-20 12:51 424448 ----a-w- c:\windows\system32\aeinv.dll

2011-12-11 18:44 . 2010-11-20 13:26 171520 ----a-w- c:\windows\system32\fde.dll

2011-12-11 18:44 . 2010-11-20 12:21 492032 ----a-w- c:\windows\SysWow64\win32spl.dll

2011-12-11 18:44 . 2010-11-20 12:20 988160 ----a-w- c:\windows\SysWow64\propsys.dll

2011-12-11 18:44 . 2010-11-20 12:19 206336 ----a-w- c:\windows\SysWow64\framedynos.dll

2011-12-11 18:44 . 2010-11-20 12:21 269824 ----a-w- c:\windows\SysWow64\Wldap32.dll

2011-12-11 18:44 . 2010-11-20 12:19 296448 ----a-w- c:\windows\SysWow64\mfds.dll

2011-12-11 18:43 . 2010-11-20 13:26 503296 ----a-w- c:\windows\system32\imapi2.dll

2011-12-11 18:43 . 2010-11-20 13:28 298104 ----a-w- c:\windows\system32\bcryptprimitives.dll

2011-12-11 18:43 . 2010-11-20 13:25 197120 ----a-w- c:\windows\system32\credui.dll

2011-12-11 18:43 . 2010-11-20 12:55 144384 ----a-w- c:\windows\system32\cdd.dll

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-27 12:09 . 2011-12-27 12:09 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F7B5A655-31C3-4A57-88CA-43422402BC38}\offreg.dll

2011-12-21 19:01 . 2011-12-21 19:01 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2011-12-21 19:01 . 2011-12-21 19:01 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2011-12-21 19:01 . 2011-12-21 19:01 76800 ----a-w- c:\windows\system32\tdc.ocx

2011-12-21 19:01 . 2011-12-21 19:01 603648 ----a-w- c:\windows\system32\vbscript.dll

2011-12-21 19:01 . 2011-12-21 19:01 48640 ----a-w- c:\windows\system32\mshtmler.dll

2011-12-21 19:01 . 2011-12-21 19:01 30720 ----a-w- c:\windows\system32\licmgr10.dll

2011-12-21 19:01 . 2011-12-21 19:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-12-21 19:01 . 2011-12-21 19:01 2309120 ----a-w- c:\windows\system32\jscript9.dll

2011-12-21 19:01 . 2011-12-21 19:01 222208 ----a-w- c:\windows\system32\msls31.dll

2011-12-21 19:01 . 2011-12-21 19:01 160256 ----a-w- c:\windows\system32\wextract.exe

2011-12-21 19:01 . 2011-12-21 19:01 1493504 ----a-w- c:\windows\system32\inetcpl.cpl

2011-12-21 19:01 . 2011-12-21 19:01 1390080 ----a-w- c:\windows\system32\wininet.dll

2011-12-21 19:01 . 2011-12-21 19:01 12288 ----a-w- c:\windows\system32\mshta.exe

2011-12-15 00:34 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2011-12-15 00:34 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2011-12-04 00:00 . 2011-12-04 00:00 2560 ----a-w- c:\windows\SysWow64\drivers\nl-NL\qwavedrv.sys.mui

2011-12-04 00:00 . 2011-12-04 00:00 5632 ----a-w- c:\windows\SysWow64\drivers\nl-NL\ndiscap.sys.mui

2011-12-04 00:00 . 2011-12-04 00:00 50688 ----a-w- c:\windows\SysWow64\drivers\nl-NL\tcpip.sys.mui

2011-12-03 23:59 . 2011-12-03 23:59 16896 ----a-w- c:\windows\SysWow64\drivers\nl-NL\pacer.sys.mui

2011-12-03 23:59 . 2011-12-03 23:59 26624 ----a-w- c:\windows\SysWow64\drivers\nl-NL\bfe.dll.mui

2011-12-03 23:59 . 2011-12-03 23:59 2560 ----a-w- c:\windows\SysWow64\drivers\nl-NL\scfilter.sys.mui

2011-12-03 19:16 . 2011-12-03 19:16 564784 ----a-w- c:\windows\system32\NBMatS1SDK.dll

2011-11-30 01:21 . 2011-12-27 08:13 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F7B5A655-31C3-4A57-88CA-43422402BC38}\mpengine.dll

2011-11-24 04:52 . 2011-12-14 01:56 3145216 ----a-w- c:\windows\system32\win32k.sys

2011-11-05 05:32 . 2011-12-14 01:56 2048 ----a-w- c:\windows\system32\tzres.dll

.

.

((((((((((((((((((((((((((((( SnapShot_2011-12-24_13.11.29 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-07-14 04:46 . 2011-12-26 13:26 96016 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

+ 2011-12-24 15:02 . 2011-12-24 15:02 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\0d036f215cfdf37305d84ac680e19413\System.Windows.Presentation.ni.dll

+ 2011-12-24 14:22 . 2011-12-24 14:22 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\c4a4564925c5fa6d43dac830cfb294bd\System.Web.DynamicData.Design.ni.dll

+ 2011-12-24 13:17 . 2011-12-24 13:17 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\3a5529f1de05952773c725a6ff2e07fb\PresentationFontCache.ni.exe

+ 2011-12-27 11:36 . 2011-12-27 11:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2011-12-24 08:08 . 2011-12-24 08:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2011-12-27 11:36 . 2011-12-27 11:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2011-12-24 08:08 . 2011-12-24 08:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2009-07-14 05:01 . 2011-12-24 07:34 311288 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2011-12-27 11:01 311288 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2011-12-25 06:14 . 2011-12-25 06:14 289280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\c00eb8f424a86eadeb281a5e6083a518\Microsoft.VisualBasic.Compatibility.Data.ni.dll

+ 2011-12-24 15:05 . 2011-12-24 15:05 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\756011e2290f779331336b1659d804e9\WsatConfig.ni.exe

+ 2011-12-24 15:05 . 2011-12-24 15:05 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\bdf567eb555bffe4d9f4383b6b97832b\WindowsFormsIntegration.ni.dll

+ 2011-12-24 15:04 . 2011-12-24 15:04 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\da4abebb1b165f2d27c5fe5bc6e9ed71\TaskScheduler.ni.dll

+ 2011-12-24 13:28 . 2011-12-24 13:28 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\2b9253e5a2818152f9f1a3b9d7c7ee60\System.Xml.Linq.ni.dll

+ 2011-12-24 14:22 . 2011-12-24 14:22 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\5e59963a99fe6b3dfc07b6ecb375b42b\System.Web.Routing.ni.dll

+ 2011-12-24 14:23 . 2011-12-24 14:23 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\550cf8623da60ebdaf41be0d472886cf\System.Web.Entity.ni.dll

+ 2011-12-24 14:23 . 2011-12-24 14:23 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\e97615ac42a73803dbb72feb560dc3f8\System.Web.Entity.Design.ni.dll

+ 2011-12-24 14:22 . 2011-12-24 14:22 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\469736b242d26e3a0df5dea6da3679f4\System.Web.DynamicData.ni.dll

+ 2011-12-24 14:02 . 2011-12-24 14:02 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\de14c74ae9ddfaae3ecf50a7e4a1f1b0\System.Web.Abstractions.ni.dll

+ 2011-12-24 14:21 . 2011-12-24 14:21 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\1d7d8aef36a4181c824e7b19a5717181\System.Net.ni.dll

+ 2011-12-24 14:21 . 2011-12-24 14:21 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\515b6d806d49ee9f3a0c4777c313c5a9\System.Management.Instrumentation.ni.dll

+ 2011-12-24 14:21 . 2011-12-24 14:21 569856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\09e99130b92146abae3d4c9b5c8bb116\System.IO.Log.ni.dll

+ 2011-12-24 14:20 . 2011-12-24 14:20 629760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\a342b0087027682df86caa73cf0dc223\System.Data.Services.Design.ni.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2009-08-07 09:18 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@="Service"

.

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-08-18 796192]

R2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496]

R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 135664]

R2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]

R3 cpuz134;cpuz134;c:\users\wollie\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 135664]

R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]

R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]

S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]

S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys [x]

S2 IGBASVC;EgisTec Service;c:\program files (x86)\Acer Bio Protection\BASVC.exe [2009-08-06 3450368]

S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-08-07 311592]

S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-21 62720]

S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]

S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]

S3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\DRIVERS\hidshim.sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]

S3 nuvotonhidgeneric;Nuvoton EC Generic HID;c:\windows\system32\DRIVERS\nuvotonhidgeneric.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2011-12-27 c:\windows\Tasks\Acer Registration Data Sending.job

- c:\program files (x86)\Acer\Registration\GREG.exe [2009-07-31 06:55]

.

2011-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 19:21]

.

2011-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 19:21]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2009-08-07 09:19 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-06 8060960]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-28 16334880]

"combofix"="c:\combofix\CF13707.3XE" [2010-11-20 345088]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.startpagina.nl/

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_7738&r=27361211z306l03e8z1k5t68l1w262

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

TCP: DhcpNameServer = 213.109.127.1 89.188.26.77 212.178.149.250

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

BHO-{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - c:\programdata\Partner\Partner64.dll

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Acer Bio Protection\CompPtcVUI.exe

c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

c:\program files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe

c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

.

**************************************************************************

.

Voltooingstijd: 2011-12-27 13:42:04 - machine werd herstart

ComboFix-quarantined-files.txt 2011-12-27 12:42

ComboFix2.txt 2011-12-24 13:28

ComboFix3.txt 2011-12-24 03:39

.

Pre-Run: 583.886.884.864 bytes beschikbaar

Post-Run: 583.872.065.536 bytes beschikbaar

.

- - End Of File - - F6A633DC43F77F1479E0AD90304D6383


So malware is not the cause of the problem.

Remove ComboFix: Start -> Run and type: ComboFix /Uninstall (with a space before the /)

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions again, hide hidden files and system files again, and create a new restore point.

If present, you may delete the folder C:\Qoobox manually.

Cleaning up the registry and defragmenting the hard disk can sometimes also help the computer start up a bit faster.

We will start by cleaning up the registry.

Download CCleaner (if you don't have it yet).

Install it (if you don't want Google Chrome to be installed on your PC as the default web browser, you must remove the 2 check marks!) and start CCleaner.

Click "Cleaner" in the left column. Then click 'Analyze' and 'Run Cleaner' in turn.

Next, click "Registry" in the left column and click 'Scan for Issues'.

If errors are found, click "Fix selected issues" and "OK".

You will then be asked whether to make a backup. Click "Yes". Then choose "Fix All Selected Issues".

Sometimes one scan is not enough. You may repeat this procedure until the scan reports no more errors.

Then close CCleaner again.

If you want to see this in detail with pictures, click here for the guide.


I already had CCleaner on my computer and in use.

After removing ComboFix and using CCleaner as described, the computer's start-up has still not improved.

Is it possible that it could be due to the internal memory? Or the hard disk?

Kind regards,

Wollie
