
My CPU usage is ENORMOUSLY high! Help


Arthemius

Hello,

My PC suddenly started behaving very strangely a few weeks ago... The CPU usage was suddenly gigantic, and because of that I could barely do anything. (Even Google Chrome was extremely slow.)

I first looked for a virus or any malware with the program "Bullguard". This scan turned up nothing. I was then advised to go back to a restore point. This solved the problem immediately. BUT a few days ago the problem was back AGAIN... This time every attempt to return to a restore point failed. So I decided to format my boot drive and reinstall Windows. During the installation everything went perfectly, no slowdown at all, etc... But once I had installed just about everything in terms of drivers and Google Chrome, the problem simply came BACK...

I am at my wits' end. Can anyone give me some tips to get rid of this problem for good?

Thanks in advance!


Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32-bit or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool is finished, a Notepad file named "Log" is opened.
  • Paste its contents in your next post.

Also watch the instruction video.


Logfile of random's system information tool 1.09 (written by random/random)

Run by Andreas at 2014-01-24 18:28:57

Microsoft Windows 7 Ultimate

System drive C: has 35 GB (30%) free of 114 GB

Total RAM: 3270 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:29:08, on 24/01/2014

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal


Edited by kape
Duplicate log removed

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that here and here.

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is an unjustified warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

chromelook; 
firefoxlook; 
emptyfolderscheck;delete 
startupall; 
filesrcm;
autoclean;

  • The "Scan All Users" option is checked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in your next reply.


Zoek.exe v5.0.0.0 Updated 25-January-2014

Tool run by Andreas on zo 26/01/2014 at 11:26:04,00.

Microsoft Windows 7 Ultimate 6.1.7600 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Andreas\Desktop\zoek.exe [scan all users] [script inserted]

===== Runcheck 11:26:31,24 =====

--- Create Environment Variables 11:26:31,40

--- Create System Restore Point 11:26:36,00

--- Checking Input 11:26:40,29

--- AU AppData Check 11:26:41,15

--- Remove From Windows Installer 11:26:42,01

--- Empty Folders Check 11:27:00,42

--- IE Startpage Check 11:27:08,90

--- Program Files DB Check 11:27:13,47

--- C:\Users\Andreas\AppData\Roaming DB Check 11:27:52,33

--- C:\Users\Default\AppData\Roaming DB Check 11:27:52,33

--- C:\Users\Default User\AppData\Roaming DB Check 11:27:52,33

--- C:\Windows\system32\config\systemprofile\AppData\Roaming DB Check 11:27:52,33

--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 11:27:52,33

--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 11:27:52,33

--- C:\Users\Andreas DB Check 11:30:05,91

--- C:\ProgramData DB Check 11:30:29,26

--- C:\Users\Andreas\AppData\Local DB Check 11:30:30,47

--- C:\Users\Default\AppData\Local DB Check 11:30:30,47

--- C:\Users\Default User\AppData\Local DB Check 11:30:30,47

--- C:\Windows\system32\config\systemprofile\AppData\Local DB Check 11:30:30,47

--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 11:30:30,47

--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 11:30:30,47

--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 11:32:03,77

--- DB Check 11:32:13,98


Zoek.exe v5.0.0.0 Updated 25-January-2014

Tool run by Andreas on zo 26/01/2014 at 11:26:04,00.

Microsoft Windows 7 Ultimate 6.1.7600 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Andreas\Desktop\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

26/01/2014 11:26:40 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Users\Andreas\AppData\Roaming\QuickScan deleted successfully

C:\Users\Andreas\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\ProgramData\Package Cache deleted

C:\END deleted

C:\Windows\System32\tmp35DE.tmp deleted

C:\Windows\System32\tmp364C.tmp deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2014-01-23 21:23:01 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\ativpsrm.bin

2014-01-23 21:06:55 C419DF63E0121D72411285780C2FC6CC 90112 ------w- C:\Windows\Updreg.EXE

2014-01-23 21:06:52 A15DA181F81EAB1B70010681EB44D2AF 2267 ------w- C:\Windows\FF08_Capture.ini

2014-01-23 21:06:52 83EEA1461C76A1A52AF81854662FB9D0 2775 ------w- C:\Windows\FF08_Render_Spk.ini

2014-01-23 21:06:52 346886D83AC94180BEFCF2DE092F4335 1542 ------w- C:\Windows\FF08_Render.ini

2014-01-23 21:06:52 23D5B0D8AB99F7639064ABE8A4B40629 2411 ------w- C:\Windows\FF08_Render_Hp.ini

2014-01-23 21:06:46 A04CAA79A0F7116E3A22D93E58656232 1323 ------w- C:\Windows\THXCfg_HP_APOIM.ini

2014-01-23 21:06:46 41421F287A842FAC2153F5CAFD7EDD8D 1424 ------w- C:\Windows\THXCfg_SP_APOIM.ini

2014-01-23 21:06:46 182678953DF436B10223821231C471BB 1323 ------w- C:\Windows\THXCfg_APOIM.ini

2014-01-23 21:06:43 2CD53BF70E1FF9A16E3087302D3AAA56 87 ---ha-r- C:\Windows\ctfile.rfc

2014-01-23 21:00:52 326A3081242E095A200210D9E3532130 1706640 ------r- C:\Windows\RtlExUpd.dll

2014-01-23 20:44:58 718FECF22BF4BD4FC05B79AA4BEC75D0 1769 ----a-w- C:\Windows\Language_trs.ini

2014-01-23 20:44:52 07A11C8D12219F3A56A78D8E17A40C54 44951 ----a-w- C:\Windows\Ascd_tmp.ini

====== C:\Users\Andreas\AppData\Local\Temp ====

2014-01-23 21:07:04 A06ED9FCD8F114E270AA64C46063D8C3 552214 ----a-r- C:\Users\Andreas\AppData\Local\Temp\{EC816D00-BA64-45DB-8E89-0FBEBC5AE06F}\ISSetup.dll

====== C:\Windows\system32 =====

2014-01-26 10:20:05 57C8AE30409B42865D423658D0F48BD1 512 ----a-w- C:\Windows\System32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD

2014-01-24 17:26:14 8D908F346EEDD752005A32787A6DCAFA 363520 ----a-w- C:\Windows\System32\StructuredQuery.dll

2014-01-24 17:26:14 20104EA66332D24D7C65BBB087C56737 123904 ----a-w- C:\Windows\System32\poqexec.exe

2014-01-24 17:26:09 662398B18EE2A910265630893AD09B1B 2048 ----a-w- C:\Windows\System32\tzres.dll

2014-01-24 17:26:03 FE47B7BC8EA320C2D9B5E5BF6E303765 73216 ----a-w- C:\Windows\System32\WUDFSvc.dll

2014-01-24 17:26:03 D689B2C2E69156D954C24810F4081C1E 38912 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll

2014-01-24 17:26:03 D5CF1536137026ACDED95BF6CBF849F6 172032 ----a-w- C:\Windows\System32\WUDFPlatform.dll

2014-01-24 17:26:03 A36F7A256E65D858A7039DB00ADEEBDD 613888 ----a-w- C:\Windows\System32\WUDFx.dll

2014-01-24 17:26:03 980B6A5F92B8DB235C4A26728C2BE732 196608 ----a-w- C:\Windows\System32\WUDFHost.exe

2014-01-24 17:25:55 DA1919D896DBD5895E138932AE9E398B 293376 ----a-w- C:\Windows\System32\browserchoice.exe

2014-01-23 22:19:17 90691014D96030B69D7B8D6A0967FC67 257024 ----a-w- C:\Windows\System32\msv1_0.dll

2014-01-23 22:17:01 2F0BC1FC6142DCB31C7D9804962A7011 9728 ----a-w- C:\Windows\System32\Wdfres.dll

2014-01-23 22:16:03 AFF03EAADAB9BE41A98B76332B980283 5120 ----a-w- C:\Windows\System32\wmi.dll

2014-01-23 22:16:02 6380BE4AB7AFA48BAEF321E8CA980ADD 172544 ----a-w- C:\Windows\System32\wintrust.dll

2014-01-23 22:16:01 97CCB4D737B426B200E5EF90C877DF32 158720 ----a-w- C:\Windows\System32\imagehlp.dll

2014-01-23 22:05:30 D5AD6FE415664BFD94384A30AAC5488B 83425928 ----a-w- C:\Windows\System32\MRT.exe

2014-01-23 22:05:00 6D9B75275C3E3A5F51AEF81AFFADB2B6 276992 ----a-w- C:\Windows\System32\wcncsvc.dll

2014-01-23 21:39:34 A2CB61B68566F6DB067607273119D27B 868352 ----a-w- C:\Windows\System32\kernel32.dll

2014-01-23 21:39:34 A28F0D880F3A9D3A25E0DB14EF197063 293376 ----a-w- C:\Windows\System32\KernelBase.dll

2014-01-23 21:39:33 8531AAF69394EFB93BC653916C46D245 169984 ----a-w- C:\Windows\System32\winsrv.dll

2014-01-23 21:39:33 06325E5412596F7B4A8170519EF64392 271360 ----a-w- C:\Windows\System32\conhost.exe

2014-01-23 21:39:15 D04FA5F4A105AB1838B8C52D883B02C0 107520 ----a-w- C:\Windows\System32\cdd.dll

2014-01-23 21:21:35 FA4B5940B31853ADE67A73026884C8C9 1130824 ----a-w- C:\Windows\System32\dfshim.dll

2014-01-23 21:21:35 DFF617498211FBB3D8D3FCC51A37B777 99176 ----a-w- C:\Windows\System32\PresentationHostProxy.dll

2014-01-23 21:21:35 302964DCAC79D618CC7B72C778DA9FD2 295264 ----a-w- C:\Windows\System32\PresentationHost.exe

2014-01-23 21:21:35 15515AE1540B4EE2B75DF63FC15129DF 49472 ----a-w- C:\Windows\System32\netfxperf.dll

2014-01-23 21:21:35 128DD9AF8640DBCC711940903C8B554F 297808 ----a-w- C:\Windows\System32\mscoree.dll

2014-01-23 21:12:34 8D5258D6680FC9C30D5FC2BABEF8CF4B 132608 ----a-w- C:\Windows\System32\cabview.dll

2014-01-23 21:12:34 50DA20DD18A8FEFEE57942188BFF06F4 826368 ----a-w- C:\Windows\System32\rdpcore.dll

2014-01-23 21:09:34 FC3EC24FCE372C89423E015A2AC1A31E 1933848 ----a-w- C:\Windows\System32\wuaueng.dll

2014-01-23 21:09:34 BDC0C99E472176C8C2C853A68ADC5073 45080 ----a-w- C:\Windows\System32\wups2.dll

2014-01-23 21:09:34 2E0B0A051FFAA86E358465BB0880D453 53784 ----a-w- C:\Windows\System32\wuauclt.exe

2014-01-23 21:09:34 285C594C4913FA9DC7BB6BA3AD6F101A 2422272 ----a-w- C:\Windows\System32\wucltux.dll

2014-01-23 21:09:33 C480F0E968ECA0D80D0299D7F204E33B 88576 ----a-w- C:\Windows\System32\wudriver.dll

2014-01-23 21:09:33 3458EDA96E30FBD0477A2800D3FB1909 35864 ----a-w- C:\Windows\System32\wups.dll

2014-01-23 21:09:33 1A617835452EEE5060976C9B9F5FE635 577048 ----a-w- C:\Windows\System32\wuapi.dll

2014-01-23 21:09:32 98F94089E9C549E223AB05BE54BAB2ED 171904 ----a-w- C:\Windows\System32\wuwebv.dll

2014-01-23 21:09:32 069385484EA57B663D688894C88975C5 33792 ----a-w- C:\Windows\System32\wuapp.exe

2014-01-23 21:09:10 9AC432010071318B4F96364FAA6D3117 294272 ----a-r- C:\Windows\System32\PROUnstl.exe

2014-01-23 21:09:10 8C3D0C73A0850A0EE62DF9EC36DBDE80 1904 ------w- C:\Windows\System32\SetupBD.din

2014-01-23 21:08:25 7C4B1C04428F28C1A46E95B6A85AE88F 72360 ----a-w- C:\Windows\System32\e1cmsg.dll

2014-01-23 21:08:25 4192468FB10D604673BC46AC50AFA22F 28792 ----a-w- C:\Windows\System32\NicCo36.dll

2014-01-23 21:08:25 226D65B23E1BF630FFC9BBF1FBB577C7 3109 ----a-w- C:\Windows\System32\e1c6232.din

2014-01-23 21:08:23 D18219026D98AD5B239BB9938FCF57AA 82624 ----a-w- C:\Windows\System32\NicInstC.dll

2014-01-23 21:06:52 D6294ED17CE70C3755311F8E32CDF804 102400 ------w- C:\Windows\System32\CTtele32.dll

2014-01-23 21:06:52 A102B348E14ED921ECD84D45F8399EAC 7594 ------w- C:\Windows\System32\xFiMB2CfgUninstall32.ini

2014-01-23 21:06:52 9495418DE2A4BD1C29C83E3EC642DC38 5135 ------w- C:\Windows\System32\cfgfx.ini

2014-01-23 21:06:52 80A5C0D5971A40B3A5C8566C215FA601 192512 ------w- C:\Windows\System32\AMBSpiE.exe

2014-01-23 21:06:52 5A390B6B2C58B07013D955904552A36F 132096 ------w- C:\Windows\System32\cfgChain.exe

2014-01-23 21:06:52 574C1FBC726C89FAF309332E17D029CC 14848 ------w- C:\Windows\System32\AmbRunE.dll

2014-01-23 21:06:52 53DF66EFD9D9A1E77B35DE51F3755AE9 82944 ------w- C:\Windows\System32\ctpxst32.exe

2014-01-23 21:06:52 16A92F5CC7F371157A489BC8E74BFD41 11264 ------w- C:\Windows\System32\ResDefE.exe

2014-01-23 21:06:46 DC3B33F2107FC2FD6273FEE045BC683F 24576 ------w- C:\Windows\System32\THXCfg32.dll

2014-01-23 21:06:46 A9EF56C616578F7B09366EDE5F8833B5 7195 ------w- C:\Windows\System32\THXCfgUninstall32.ini

2014-01-23 21:06:46 5A390B6B2C58B07013D955904552A36F 132096 ------w- C:\Windows\System32\THXCfg32.exe

2014-01-23 21:06:46 4FD523869653CB66C4C593DE9769046E 6925 ------w- C:\Windows\System32\THXCfg32.ini

2014-01-23 21:06:46 2578D9803704CA19AA37D8FC1B97DE81 11264 ------w- C:\Windows\System32\ResDefA.exe

2014-01-23 21:06:43 FE02416988970A924C302C8E448BB703 73728 ----a-w- C:\Windows\System32\CmdRtr.DLL

2014-01-23 21:06:43 9393026B368C1EF19FDC6CF5DC631BF2 181760 ----a-w- C:\Windows\System32\APOMngr.DLL

2014-01-23 21:06:42 DB08CF76449D2EB521DFB71A58DAF62D 445016 ----a-w- C:\Windows\System32\wrap_oal.dll

2014-01-23 21:06:42 663A319D105E14548DBA4C72201876B1 109144 ----a-w- C:\Windows\System32\OpenAL32.dll

2014-01-23 21:06:41 E686A3CA2BD12CB9F9B22663E58D5352 2906586 ------w- C:\Windows\System32\Sens_oal.dll

2014-01-23 21:01:13 CE1E84AA03EE50362D3C69382DCFA294 1783056 ----a-w- C:\Windows\System32\WavesLib.dll

2014-01-23 21:01:12 A258F7B2B84E88118369B0B2196CC257 140528 ----a-w- C:\Windows\System32\SRSWOW.dll

2014-01-23 21:01:12 8C83CED38F8CAC3E8D5A953C03BCF4B4 345328 ----a-w- C:\Windows\System32\SRSTSXT.dll

2014-01-23 21:01:12 272BF8E5DBDAF0614CC367A25EA3B256 173296 ----a-w- C:\Windows\System32\SRSHP360.dll

2014-01-23 21:01:12 029F36DE21AFBDD2865CC657E252EBA7 185584 ----a-w- C:\Windows\System32\SRSTSHD.dll

2014-01-23 21:01:11 C1B3BA8A3BF7FBAD50E93E0ADF82D61D 2486416 ----a-w- C:\Windows\System32\RtkPgExt.dll

2014-01-23 21:01:10 D7F34216959C792C2B44023B0E19D29C 658064 ----a-w- C:\Windows\System32\RtkApoApi.dll

2014-01-23 21:01:10 4B540CD34B883C174008F33F249D6773 13416 ----a-w- C:\Windows\System32\RtkCoLDR.dll

2014-01-23 21:01:10 1BEF2F73D559B32B81B60A0117C7FAF7 3196048 ----a-w- C:\Windows\System32\RtkAPO.dll

2014-01-23 21:01:10 1670147ABB395B06411EA6CE357029BA 90256 ----a-w- C:\Windows\System32\RtkCoInstII.dll

2014-01-23 21:01:07 E232507C219A1957880D4EB6D022FAC7 170840 ----a-w- C:\Windows\System32\RTEED32A.dll

2014-01-23 21:01:07 A6686775084244141483AEA0391508D2 359768 ----a-w- C:\Windows\System32\RTEEP32A.dll

2014-01-23 21:01:07 5B18398DEDE4A4A78651CD34F0A217A5 78680 ----a-w- C:\Windows\System32\RTEEL32A.dll

2014-01-23 21:01:07 3DE99987154319C901A6537BA8777CB9 64856 ----a-w- C:\Windows\System32\RTEEG32A.dll

2014-01-23 21:01:07 005E7D8756440833568E805DD873EC18 1501840 ----a-w- C:\Windows\System32\RTSndMgr.cpl

2014-01-23 21:01:06 C619CDFA5CDC5A346C89870010A2391C 295768 ----a-w- C:\Windows\System32\RP3DAA32.dll

2014-01-23 21:01:06 4F92047498EFEA076E3745C291481975 295768 ----a-w- C:\Windows\System32\RP3DHT32.dll

2014-01-23 21:01:02 F394F114887A3828B569434356ED0ED7 1929592 ----a-w- C:\Windows\System32\MaxxAudioEQ.dll

2014-01-23 21:01:01 E5C81D5681F5CCB5C513F56B33B57F0E 71808 ----a-w- C:\Windows\System32\MBWrp32.dll

2014-01-23 21:01:01 B8FEA541BD9EE7554294C3A69166A764 753280 ----a-w- C:\Windows\System32\MBAPO32.dll

2014-01-23 21:01:01 9C9058946F43C37013214E46B1DD9315 561792 ----a-w- C:\Windows\System32\MBTHX32.dll

2014-01-23 21:01:01 84AB243EBB8839C268BA45975BD6558C 132368 ----a-w- C:\Windows\System32\MaxxAudioAPO.dll

2014-01-23 21:01:01 57C588F098C811E9459AC7034349AF6F 232792 ----a-w- C:\Windows\System32\MaxxAudioAPO20.dll

2014-01-23 21:01:01 289CF5DD4941F0E1F2033AE887E739AA 717176 ----a-w- C:\Windows\System32\MaxxAudioAPOShell.dll

2014-01-23 21:00:57 EB4F2F94C791254C2923C090583A63A3 2193472 ----a-w- C:\Windows\System32\FMAPO.dll

2014-01-23 21:00:55 254ACF29130F8143C88A54ED81738ACF 90624 ----a-w- C:\Windows\System32\CONEQMSAPOGUILibrary.dll

2014-01-23 21:00:54 C86A0967E5C040AAB947F883F0B6D96F 95840 ----a-w- C:\Windows\System32\AERTARen.dll

2014-01-23 21:00:54 57F8D7F52371DAAC3F84815D8EF5805D 176736 ----a-w- C:\Windows\System32\AERTACap.dll

2014-01-23 21:00:18 2BF7B8CBF16D41B249F4C224D3DE0FB3 53248 ----a-r- C:\Windows\System32\CSVer.dll

2014-01-23 20:42:20 4D746311E053970BF946F0BE0ADFB66E 781298 ----a-w- C:\Windows\System32\PerfStringBackup.INI

====== C:\Windows\system32\drivers =====

2014-01-24 17:26:04 867C301E8B790040AE9CF6486E8041DF 155136 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys

2014-01-24 17:26:04 06E6F32C8D0A3F66D956F57B43A2E070 66560 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys

2014-01-24 17:26:02 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

2014-01-23 22:17:25 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

2014-01-23 22:17:02 48704647CD2E9DAA2EB81BDE6D029EDB 47720 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys

2014-01-23 22:17:01 A840213F1ACDCC175B4D1D5AAEAC0D7A 526952 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2014-01-23 22:16:03 500A9814FD9446A8126858A5A7F7D273 19312 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2014-01-23 22:15:29 9E79E2354301783D5E0D48411C2A7466 190976 ----a-w- C:\Windows\System32\drivers\ks.sys

2014-01-23 21:50:19 C78EA24CE267EAA6BF67CAAEB11C0520 26496 ----a-w- C:\Windows\System32\drivers\Diskdump.sys

2014-01-23 21:39:15 CF519D46E5B8BDE8D7BA981BA9A174CD 219008 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2014-01-23 21:39:15 1679A4669326CB1A67CC95658D273234 728448 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2014-01-23 21:12:34 7156308896D34EA75A582F9A09E50C17 24064 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2014-01-23 21:12:34 0399C725A9C95A6F1862B93F008DDF4A 177152 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2014-01-23 21:08:25 A59E3FF35879A2BC206AB03572783DCA 392872 ----a-w- C:\Windows\System32\drivers\e1c6232.sys

2014-01-23 21:07:28 B26073982EA6212EB2B7A5CCEF9C4E96 15168 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll

2014-01-23 21:07:14 77BCCA795154AAB78BC3A28DD1560021 55104 ----a-w- C:\Windows\System32\drivers\HECI.sys

2014-01-23 21:01:18 46989159059F99B1954B5EB53D696947 1332 ------r- C:\Windows\System32\drivers\DTSU2P.DAT

2014-01-23 21:01:07 55DD369E447F7A056DAA629D00D1BED8 3273360 ----a-w- C:\Windows\System32\drivers\RTKVHDA.sys

2014-01-23 21:01:06 77B5BDB2B46EAE4223BECE010549141C 329737 ----a-w- C:\Windows\System32\drivers\RTAIODAT.DAT

====== C:\Windows\Tasks ======

2014-01-23 20:58:59 4290DD58653409DA8497B770486B79FE 3790 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

2014-01-23 20:58:59 378FC78DDB0FE1E957F56C4034452FD0 1046 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-01-23 20:58:59 01B84068AF0202F5BF5050DD85457AA0 4042 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA

2014-01-23 20:58:58 96EBF9921374F2E05263E88D2E51FA37 1042 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-24 17:27:17 -------- d-----w- C:\Program Files\trend micro

2014-01-23 21:55:20 -------- d-----w- C:\Program Files\Common Files\Steam

2014-01-23 21:55:13 -------- d-----w- C:\Program Files\Steam

2014-01-23 21:31:10 -------- d-----w- C:\Program Files\Common Files\BullGuard Ltd

2014-01-23 21:31:09 -------- d-----w- C:\Program Files\BullGuard Ltd

2014-01-23 21:22:09 -------- d-----w- C:\Program Files\AMD AVT

2014-01-23 21:21:55 -------- d-----w- C:\Program Files\AMD

2014-01-23 21:21:37 -------- d-----w- C:\Program Files\Microsoft.NET

2014-01-23 21:21:10 -------- d-----w- C:\Program Files\ATI

2014-01-23 21:07:55 -------- d-----w- C:\Program Files\ASM104xUSB3

2014-01-23 21:07:38 -------- d-----w- C:\Program Files\ASM106xSATA

2014-01-23 21:05:55 -------- d-----w- C:\Program Files\Common Files\Creative Labs Shared

2014-01-23 21:05:25 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared

2014-01-23 21:05:24 -------- d-----w- C:\Program Files\Creative

2014-01-23 21:00:53 -------- d--h--w- C:\Program Files\Temp

2014-01-23 21:00:53 -------- d-----w- C:\Program Files\Realtek

2014-01-23 21:00:18 -------- d-----w- C:\Program Files\Intel

2014-01-23 20:58:58 -------- d-----w- C:\Program Files\Google

2014-01-23 20:45:15 -------- d--h--w- C:\Program Files\InstallShield Installation Information

2014-01-23 20:45:15 -------- d-----w- C:\Program Files\ASUS

2014-01-23 20:45:11 -------- d-----w- C:\Program Files\Common Files\InstallShield

======= C: =====

====== C:\Users\Andreas\AppData\Roaming ======

2014-01-24 17:25:48 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\BullGuard

2014-01-23 22:03:23 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Google

2014-01-23 22:03:09 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft

2014-01-23 21:31:41 -------- d-----w- C:\Users\Andreas\AppData\Roaming\BullGuard

2014-01-23 21:23:25 D787DFF586118E3234A46389ADE83CF8 57560 ----a-w- C:\Users\Andreas\AppData\Local\GDIPFONTCACHEV1.DAT

2014-01-23 21:23:18 -------- d-----w- C:\Users\Andreas\AppData\Roaming\ATI

2014-01-23 21:23:18 -------- d-----w- C:\Users\Andreas\AppData\Local\ATI

2014-01-23 21:14:10 -------- d-----w- C:\Users\Andreas\AppData\Roaming\Adobe

2014-01-23 21:09:57 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm

2014-01-23 21:09:44 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking

2014-01-23 21:09:28 -------- d-s---w- C:\Users\Andreas\AppData\Locallow\Microsoft

2014-01-23 21:07:05 -------- d-----w- C:\Users\Andreas\AppData\Roaming\InstallShield

2014-01-23 20:58:58 -------- d-----w- C:\Users\Andreas\AppData\Local\Google

2014-01-23 20:32:24 -------- d-s---w- C:\Users\Andreas\AppData\Roaming\Microsoft

2014-01-23 20:32:24 -------- d-----w- C:\Users\Andreas\AppData\Roaming\Media Center Programs

2014-01-23 20:32:24 -------- d-----w- C:\Users\Andreas\AppData\Local\Temp

2014-01-23 20:32:24 -------- d-----w- C:\Users\Andreas\AppData\Local\Microsoft

2014-01-23 20:32:24 -------- d-----r- C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-01-23 20:32:24 -------- d-----r- C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

====== C:\Users\Andreas ======

2014-01-24 17:28:49 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Andreas\Downloads\RSIT (1).exe

2014-01-24 17:27:06 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Andreas\Downloads\RSIT.exe

2014-01-23 21:55:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2014-01-23 21:54:39 2490602E7489690853CD62DED939366B 1133552 ----a-w- C:\Users\Andreas\Downloads\SteamSetup.exe

2014-01-23 21:36:51 -------- d-----r- C:\Users\Andreas\Searches

2014-01-23 21:31:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BullGuard

2014-01-23 21:30:57 -------- d-----w- C:\ProgramData\BullGuard

2014-01-23 21:26:08 9E2084FEBCA6C2E32323768B36C5FEC4 316248 ----a-w- C:\Users\Andreas\Downloads\BullGuardDownloader.exe

2014-01-23 21:23:18 -------- d-----w- C:\ProgramData\ATI

2014-01-23 21:22:09 -------- d-----w- C:\ProgramData\AMD

2014-01-23 21:22:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center

2014-01-23 21:14:29 39B2E0A4048EA6D0F41FEE27298B62FE 791552 ----a-w- C:\Users\Andreas\Downloads\amddriverdownloader.exe

2014-01-23 21:07:27 -------- d-----w- C:\ProgramData\Intel

2014-01-23 21:07:02 -------- d-----w- C:\ProgramData\Creative

2014-01-23 21:05:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative

2014-01-23 20:59:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-01-23 20:32:24 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Andreas\ntuser.ini

2014-01-23 20:32:24 -------- d--h--w- C:\Users\Andreas\AppData

2014-01-23 20:32:24 -------- d-----w- C:\Users\Andreas\Saved Games

2014-01-23 20:32:24 -------- d-----r- C:\Users\Andreas\Videos

2014-01-23 20:32:24 -------- d-----r- C:\Users\Andreas\Pictures

2014-01-23 20:32:24 -------- d-----r- C:\Users\Andreas\Music

2014-01-23 20:32:24 -------- d-----r- C:\Users\Andreas\Links

2014-01-23 20:32:24 -------- d-----r- C:\Users\Andreas\Favorites

2014-01-23 20:32:24 -------- d-----r- C:\Users\Andreas\Downloads

2014-01-23 20:32:24 -------- d-----r- C:\Users\Andreas\Documents

2014-01-23 20:32:24 -------- d-----r- C:\Users\Andreas\Desktop

====== C: exe-files ==

2014-01-24 17:33:04 5B169D25ECEB65E418B1C45D7139911E 131204 ----a-w- C:\Program Files\Steam\steam\backup\spanish\steambackup.exe

2014-01-24 17:31:41 58FDC9D6163A84B0251E6C734D1AA4AD 131187 ----a-w- C:\Program Files\Steam\steam\backup\italian\steambackup.exe

2014-01-24 17:31:39 83C20C8F862317B8ECA7B0FE269EF400 131277 ----a-w- C:\Program Files\Steam\steam\backup\german\steambackup.exe

2014-01-24 17:31:38 09E75C6D5E3DC12869BF97DB284A5669 131213 ----a-w- C:\Program Files\Steam\steam\backup\french\steambackup.exe

2014-01-24 17:31:37 AC2222D464E1EEC88F2E609D7D21B5D3 131194 ----a-w- C:\Program Files\Steam\steam\backup\english\steambackup.exe

2014-01-24 17:31:37 9F54C8A9C92C42165575C1428862AF2B 2364920 ----a-w- C:\Program Files\Steam\steam\games\appid_6520.exe

2014-01-24 17:31:37 9F54C8A9C92C42165575C1428862AF2B 2364920 ----a-w- C:\Program Files\Steam\steam\games\appid_6510.exe

2014-01-24 17:31:36 E52C1B99FB8622F6F79144F84EA1382D 193784 ----a-w- C:\Program Files\Steam\steam\games\appid_10560.exe

2014-01-24 17:31:36 C34F746ACB2A8C69817AE58AA1DF5D30 238840 ----a-w- C:\Program Files\Steam\steam\games\appid_17300.exe

2014-01-24 17:31:36 B6AE77037F06336CF5046603E715D39F 226552 ----a-w- C:\Program Files\Steam\steam\games\appid_17340.exe

2014-01-24 17:31:36 A23357A49B79CBF46E15F367FBC2028E 500984 ----a-w- C:\Program Files\Steam\steam\games\appid_17330.exe

2014-01-24 17:31:36 9F0ACFF4C39190F3F84CF87FE4C34085 193784 ----a-w- C:\Program Files\Steam\steam\games\appid_10540.exe

2014-01-24 17:31:23 A72DEEEA994A14818042152B077C23CB 207784 ----a-w- C:\Program Files\Steam\steamerrorreporter.exe

2014-01-24 17:31:23 7B01E84649396A08BF30AD8893243CB5 250280 ----a-w- C:\Program Files\Steam\steamerrorreporter64.exe

2014-01-24 17:31:16 EE57DFA8CDE83118E8745BE09D5E8259 284456 ----a-w- C:\Program Files\Steam\WriteMiniDump.exe

2014-01-24 17:31:16 D34C8B7D075269300CE013F8203B2852 60840 ----a-w- C:\Program Files\Steam\GameOverlayUI.exe

2014-01-24 17:31:15 2D5D5088D31CA3B7333B1CF0FDFC2706 76712 ----a-w- C:\Program Files\Steam\bin\x64launcher.exe

2014-01-24 17:29:02 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Andreas.exe

2014-01-23 22:08:24 00C2D68C98FA311C1A80EE33ED846923 36500648 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.76\32.0.1700.76_chrome_installer.exe

2014-01-23 22:03:37 CA0A340ABCF0C14A09691CBC90186AB4 51080 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateBroker.exe

2014-01-23 22:03:37 600B1A4BCC0823A96DC7B86F005ADBB8 51080 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe

2014-01-23 22:03:36 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateSetup.exe

2014-01-23 22:03:24 9CCBA5E2489E603BB1578D1D541252A8 273800 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

2014-01-23 22:03:24 465680BDE344CE4FF6646626AA3A9125 223112 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe

2014-01-23 22:03:23 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdate.exe

2014-01-23 22:03:10 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe

2014-01-23 21:55:20 7EE717B9B9F183B236BBE9E25FA497F2 569768 ----a-w- C:\Program Files\Common Files\Steam\SteamService.exe

2014-01-23 21:07:28 1D244BA5DF607E4C4C50A4CFDA2EE87A 166720 ----a-w- C:\Program Files\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

2014-01-23 21:07:15 C76ECDA6255B9422F4C7E3F4D267012D 977728 ----a-w- C:\Program Files\Intel\Intel® Management Engine Components\uninstall\Setup.exe

2014-01-23 21:07:06 FBAB280D0CAC5E21C72F0A1A7B5B9608 455600 ----a-w- C:\Program Files\InstallShield Installation Information\{40FEF622-6E0F-46B6-824B-A40C178FD4CD}\setup.exe

2014-01-23 21:06:58 CAFB55AA463C6DF8802122838D50D2BB 116880 ----a-w- C:\Program Files\InstallShield Installation Information\{89F922D6-E3E0-4303-AF8E-CE18412E3A18}\setup.exe

2014-01-23 21:06:57 CAFB55AA463C6DF8802122838D50D2BB 116880 ------w- C:\Program Files\Creative\Sound Blaster X-Fi MB 2\SCTool\setup.exe

2014-01-23 21:06:56 406C99674CE7090115A223B4A16E874A 1482752 ------w- C:\Program Files\Creative\Sound Blaster X-Fi MB 2\ActMgr\CTActMgr.exe

2014-01-23 21:06:51 CAFB55AA463C6DF8802122838D50D2BB 116880 ----a-r- C:\Program Files\InstallShield Installation Information\{AF056DD0-0AB9-45FB-8F18-6470163F3C16}\setup.exe

2014-01-23 21:06:46 CAFB55AA463C6DF8802122838D50D2BB 116880 ----a-r- C:\Program Files\InstallShield Installation Information\{A2395BFA-254D-453F-8247-4B1029E66794}\setup.exe


=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1101162808-348081067-1443725307-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe -s"

"THX Audio Control Panel"="C:\Program Files\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe /r"

"THXCfg32"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg32.dll,RunDLLEntry THXCfg32"

"RunDLLEntry"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry"

"UpdReg"="C:\Windows\UpdReg.EXE"

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe MSRun"

"BullGuard"="C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe -boot"

"BullGuardUpdate2"="c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe"

"Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"antiphishing@bullguard"="C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard" [23/01/2014 22:31]

==== Chrome Look ======================

YouTube - Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"


Download ComboFix from one of the locations below to the desktop.

Bleeping Computer

Info Spyware

Disable your antivirus and antispyware programs; they may conflict with ComboFix.exe.

You can read (here or here) how to disable the security software you use.

  • Double-click "ComboFix" to start the tool. Windows Vista, 7 & 8 users will get a UAC (User Account Control) prompt; click Yes there.
  • On a Windows XP computer, ComboFix will install the "Recovery Console" if it is not yet present. (An active internet connection is then required.)
  • In the 'Installing the Recovery Console' window, click "Ok".
  • In the info screen, click "Yes" if the Recovery Console has been installed successfully.
  • In the disclaimer screen, click "I Agree"; the required components are now unpacked and a registry backup is made using ERUNT.
  • When this is done, ComboFix will start by itself; in the blue screen you can see the progress of the system scan being carried out.
  • Important! Do not use the computer for anything else during the scan.
  • The computer may have to be restarted several times, for example when a rootkit is present; this is normal.
  • When ComboFix is finished, it will create a log file. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

* Note !!! If you get one of the messages below after using ComboFix, restart the computer.

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.


ComboFix 14-01-27.02 - Andreas 27/01/2014 10:49:55.1.8 - x64

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.32.1033.18.32710.30179 [GMT 1:00]

Gestart vanuit: c:\users\Andreas\Downloads\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\SysWow64\tmpD2C8.tmp

c:\windows\SysWow64\tmpD346.tmp

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-12-27 to 2014-01-27 ))))))))))))))))))))))))))))))

.

.

2014-01-27 17:33 . 2014-01-27 08:55 -------- d-----w- c:\windows\Panther

2014-01-27 10:02 . 2014-01-27 10:02 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-01-27 09:41 . 2014-01-27 09:41 -------- d-----w- c:\programdata\FLEXnet

2014-01-27 09:40 . 2014-01-27 09:40 -------- d-----w- c:\programdata\ATI

2014-01-27 09:40 . 2014-01-27 09:40 0 ----a-w- c:\windows\ativpsrm.bin

2014-01-27 09:39 . 2014-01-27 09:39 -------- d-----w- c:\programdata\AMD

2014-01-27 09:39 . 2014-01-27 09:39 -------- d-----w- c:\program files (x86)\AMD AVT

2014-01-27 09:39 . 2014-01-27 09:39 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies

2014-01-27 09:39 . 2014-01-27 09:39 -------- d-----w- c:\program files\AMD

2014-01-27 09:39 . 2014-01-27 09:39 -------- d-----w- c:\program files\Common Files\ATI Technologies

2014-01-27 09:38 . 2014-01-27 09:38 -------- d-----w- c:\program files\ATI

2014-01-27 09:19 . 2014-01-27 09:19 -------- d-----w- c:\program files (x86)\ASUS

2014-01-27 09:18 . 2012-07-27 15:49 523136 ----a-r- c:\windows\system32\PROUnstl.exe

2014-01-27 09:17 . 2012-03-15 20:57 514736 ----a-w- c:\windows\system32\drivers\e1c62x64.sys

2014-01-27 09:17 . 2012-02-17 02:52 72360 ----a-w- c:\windows\system32\e1cmsg.dll

2014-01-27 09:17 . 2009-05-26 10:05 36472 ----a-w- c:\windows\system32\NicCo36.dll

2014-01-27 09:17 . 2012-02-03 03:07 99520 ----a-w- c:\windows\system32\NicInstC.dll

2014-01-27 09:17 . 2014-01-27 09:17 -------- d-----w- c:\program files (x86)\ASM104xUSB3

2014-01-27 09:16 . 2014-01-27 09:16 -------- d-----w- c:\program files (x86)\ASM106xSATA

2014-01-27 09:16 . 2012-08-07 18:41 15168 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll

2014-01-27 09:16 . 2014-01-27 09:16 -------- d-----w- c:\programdata\Intel

2014-01-27 09:16 . 2014-01-27 09:18 -------- d-----w- c:\program files\Intel

2014-01-27 09:16 . 2012-07-12 18:56 62784 ----a-w- c:\windows\system32\drivers\HECIx64.sys

2014-01-27 09:14 . 2014-01-27 09:14 -------- d-----w- c:\program files (x86)\Common Files\Creative Labs Shared

2014-01-27 09:14 . 2014-01-27 09:14 -------- d-----w- c:\program files\Creative

2014-01-27 09:13 . 2014-01-27 09:13 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared

2014-01-27 09:13 . 2014-01-27 09:15 -------- d-----w- c:\program files (x86)\Creative

2014-01-27 09:10 . 2012-07-23 14:02 626304 ----a-w- c:\windows\system32\MBTHX64.dll

2014-01-27 09:10 . 2012-07-23 14:02 561792 ----a-w- c:\windows\SysWow64\MBTHX32.dll

2014-01-27 09:10 . 2012-06-08 08:21 897152 ----a-w- c:\windows\system32\MBAPO64.dll

2014-01-27 09:10 . 2012-06-08 08:21 753280 ----a-w- c:\windows\SysWow64\MBAPO32.dll

2014-01-27 09:10 . 2012-04-10 06:40 2533952 ----a-w- c:\windows\system32\FMAPO64.dll

2014-01-27 09:10 . 2014-01-27 09:10 -------- d-----w- c:\program files (x86)\Realtek

2014-01-27 09:10 . 2012-06-20 09:26 110592 ----a-w- c:\windows\system32\CONEQMSAPOGUILibrary.dll

2014-01-27 09:10 . 2012-03-08 03:47 108640 ----a-w- c:\windows\system32\AERTAR64.dll

2014-01-27 09:10 . 2012-03-08 03:47 202336 ----a-w- c:\windows\system32\AERTAC64.dll

2014-01-27 09:10 . 2014-01-27 09:15 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information

2014-01-27 09:10 . 2014-01-27 09:11 -------- d--h--w- c:\program files (x86)\Temp

2014-01-27 09:10 . 2012-08-03 10:18 1706640 ------r- c:\windows\RtlExUpd.dll

2014-01-27 09:10 . 2014-01-27 09:10 -------- d-----w- c:\program files (x86)\Common Files\InstallShield

2014-01-27 09:08 . 2012-05-10 08:37 53248 ----a-r- c:\windows\SysWow64\CSVer.dll

2014-01-27 09:08 . 2014-01-27 09:16 -------- d-----w- c:\program files (x86)\Intel

2014-01-27 09:02 . 2014-01-27 09:02 -------- d-----w- c:\windows\AsusInstAll

2014-01-27 09:02 . 2011-02-25 06:36 295296 ----a-w- c:\windows\system32\drivers\volsnap.sys

2014-01-27 09:02 . 2014-01-27 09:39 -------- d-sh--w- c:\windows\Installer

2014-01-27 09:02 . 2014-01-27 09:02 -------- d-----w- c:\program files (x86)\Google

2014-01-27 08:56 . 2014-01-27 08:59 -------- d-----w- c:\users\Andreas

2014-01-26 10:25 . 2014-01-26 11:25 -------- d-----w- C:\zoek_backup

2014-01-24 17:27 . 2014-01-24 17:29 -------- d-----w- C:\rsit

2014-01-24 05:18 . 2014-01-24 05:18 -------- d-----w- C:\Windows.old

2014-01-23 21:00 . 2014-01-23 21:00 -------- d-----w- C:\Intel

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-12-06 22:08 . 2013-12-06 22:08 157736 ----a-w- c:\windows\system32\amdhcp64.dll

2013-12-06 22:08 . 2013-12-06 22:08 142304 ----a-w- c:\windows\SysWow64\amdhcp32.dll

2013-12-06 22:07 . 2013-12-06 22:07 78432 ----a-w- c:\windows\system32\atimpc64.dll

2013-12-06 22:07 . 2013-12-06 22:07 78432 ----a-w- c:\windows\system32\amdpcom64.dll

2013-12-06 22:07 . 2013-12-06 22:07 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll

2013-12-06 22:07 . 2013-12-06 22:07 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll

2013-12-06 22:04 . 2013-12-06 22:04 143304 ----a-w- c:\windows\system32\atiuxp64.dll

2013-12-06 22:03 . 2013-12-06 22:03 126336 ----a-w- c:\windows\SysWow64\atiuxpag.dll

2013-12-06 22:03 . 2013-12-06 22:03 115512 ----a-w- c:\windows\system32\atiu9p64.dll

2013-12-06 22:02 . 2013-12-06 22:02 98496 ----a-w- c:\windows\SysWow64\atiu9pag.dll

2013-12-06 22:01 . 2013-12-06 22:01 1318552 ----a-w- c:\windows\system32\aticfx64.dll

2013-12-06 22:01 . 2013-12-06 22:01 1100216 ----a-w- c:\windows\SysWow64\aticfx32.dll

2013-12-06 22:00 . 2013-12-06 22:00 9753752 ----a-w- c:\windows\system32\atidxx64.dll

2013-12-06 21:59 . 2013-12-06 21:59 8406024 ----a-w- c:\windows\SysWow64\atidxx32.dll

2013-12-06 21:59 . 2013-12-06 21:59 8287008 ----a-w- c:\windows\SysWow64\atiumdva.dll

2013-12-06 21:58 . 2013-12-06 21:58 6630232 ----a-w- c:\windows\SysWow64\atiumdag.dll

2013-12-06 21:57 . 2013-12-06 21:57 8927704 ----a-w- c:\windows\system32\atiumd6a.dll

2013-12-06 21:56 . 2013-12-06 21:56 7751920 ----a-w- c:\windows\system32\atiumd64.dll

2013-12-06 21:52 . 2013-12-06 21:52 13207552 ----a-w- c:\windows\system32\drivers\atikmdag.sys

2013-12-06 21:38 . 2013-12-06 21:38 230912 ----a-w- c:\windows\system32\clinfo.exe

2013-12-06 21:38 . 2013-12-06 21:38 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe

2013-12-06 21:38 . 2013-12-06 21:38 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe

2013-12-06 21:38 . 2013-12-06 21:38 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe

2013-12-06 21:38 . 2013-12-06 21:38 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe

2013-12-06 21:38 . 2013-12-06 21:38 99840 ----a-w- c:\windows\system32\OpenVideo64.dll

2013-12-06 21:38 . 2013-12-06 21:38 83968 ----a-w- c:\windows\SysWow64\OpenVideo.dll

2013-12-06 21:38 . 2013-12-06 21:38 86528 ----a-w- c:\windows\system32\OVDecode64.dll

2013-12-06 21:38 . 2013-12-06 21:38 73728 ----a-w- c:\windows\SysWow64\OVDecode.dll

2013-12-06 21:37 . 2013-12-06 21:37 29382144 ----a-w- c:\windows\system32\amdocl64.dll

2013-12-06 21:35 . 2013-12-06 21:35 24860160 ----a-w- c:\windows\SysWow64\amdocl.dll

2013-12-06 21:33 . 2013-12-06 21:33 63488 ----a-w- c:\windows\system32\OpenCL.dll

2013-12-06 21:33 . 2013-12-06 21:33 57344 ----a-w- c:\windows\SysWow64\OpenCL.dll

2013-12-06 21:26 . 2013-12-06 21:26 129536 ----a-w- c:\windows\system32\coinst_13.251.dll

2013-12-06 21:16 . 2013-12-06 21:16 26352128 ----a-w- c:\windows\system32\atio6axx.dll

2013-12-06 21:13 . 2013-12-06 21:13 368640 ----a-w- c:\windows\system32\atiapfxx.exe

2013-12-06 21:12 . 2013-12-06 21:12 62464 ----a-w- c:\windows\system32\aticalrt64.dll

2013-12-06 21:12 . 2013-12-06 21:12 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll

2013-12-06 21:12 . 2013-12-06 21:12 55808 ----a-w- c:\windows\system32\aticalcl64.dll

2013-12-06 21:12 . 2013-12-06 21:12 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll

2013-12-06 21:12 . 2013-12-06 21:12 15716352 ----a-w- c:\windows\system32\aticaldd64.dll

2013-12-06 21:09 . 2013-12-06 21:09 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll

2013-12-06 20:58 . 2013-12-06 20:58 22157824 ----a-w- c:\windows\SysWow64\atioglxx.dll

2013-12-06 20:53 . 2013-12-06 20:53 442368 ----a-w- c:\windows\system32\atidemgy.dll

2013-12-06 20:53 . 2013-12-06 20:53 31232 ----a-w- c:\windows\system32\atimuixx.dll

2013-12-06 20:53 . 2013-12-06 20:53 588288 ----a-w- c:\windows\system32\atieclxx.exe

2013-12-06 20:52 . 2013-12-06 20:52 239616 ----a-w- c:\windows\system32\atiesrxx.exe

2013-12-06 20:50 . 2013-12-06 20:50 190976 ----a-w- c:\windows\system32\atitmm64.dll

2013-12-06 20:22 . 2013-12-06 20:22 96256 ----a-w- c:\windows\system32\amdave64.dll

2013-12-06 20:22 . 2013-12-06 20:22 90112 ----a-w- c:\windows\SysWow64\amdave32.dll

2013-12-06 20:22 . 2013-12-06 20:22 1144320 ----a-w- c:\windows\system32\atiadlxx.dll

2013-12-06 20:22 . 2013-12-06 20:22 89088 ----a-w- c:\windows\system32\atisamu64.dll

2013-12-06 20:22 . 2013-12-06 20:22 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll

2013-12-06 20:22 . 2013-12-06 20:22 825344 ----a-w- c:\windows\SysWow64\atiadlxy.dll

2013-12-06 20:22 . 2013-12-06 20:22 74752 ----a-w- c:\windows\system32\atig6pxx.dll

2013-12-06 20:22 . 2013-12-06 20:22 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll

2013-12-06 20:22 . 2013-12-06 20:22 69632 ----a-w- c:\windows\system32\atiglpxx.dll

2013-12-06 20:22 . 2013-12-06 20:22 100352 ----a-w- c:\windows\system32\atig6txx.dll

2013-12-06 20:21 . 2013-12-06 20:21 96768 ----a-w- c:\windows\SysWow64\atigktxx.dll

2013-12-06 20:21 . 2013-12-06 20:21 626176 ----a-w- c:\windows\system32\drivers\atikmpag.sys

2013-12-06 20:18 . 2013-12-06 20:18 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2013-12-06 15:49 . 2013-12-06 15:49 51200 ----a-w- c:\windows\system32\kdbsdk64.dll

2013-12-06 15:44 . 2013-12-06 15:44 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"THX Audio Control Panel"="c:\program files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe" [2011-08-29 1517056]

"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-12-06 766208]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]

S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]

S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]

S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]

S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - AMDKMDAG

*NewlyCreated* - DXGKRNL

.

Inhoud van de 'Gedeelde Taken' map

.

2014-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-27 09:02]

.

2014-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-27 09:02]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-08-07 6827664]

"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2011-05-13 26624]

"RunDLLEntry"="c:\windows\system32\AmbRunE.dll" [2009-02-26 17920]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 192.168.1.1

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2014-01-27 11:05:31

ComboFix-quarantined-files.txt 2014-01-27 10:05

.

Pre-Run: 8.476.020.736 bytes free

Post-Run: 8.158.654.464 bytes free

.

- - End Of File - - 97DF7E47643A7F7D486D20AB81596147

A36C5E4F47E84449FF07ED3517B43A31
