NTOSKRNL.EXE Blue screen of death

[RScheepers]

OK, Ik heb dit uitgevoerd, maar hoe kom ik er nou achter welke services/programma's of drivers de boesdoeners zijn? De microsoft uitleg is een beetje vaag.

[Dasle]

Je hebt nu dus alle NIET Microsoft services uitgeschakeld!!

Ik weet niet hoeveel het er zijn, maar nu kun je de helft terug inschakelen en kijken wat dit als resultaat geeft.

Krijg je nu BSOD's weet je dat een services die je zonet terug hebt ingeschakeld voor problemen zorgt.

Krijg je geen BSOD's zit de boosdoener in de andere helft die nog niet is ingeschakeld en ga je verder met het terug inschakelen van de services tot je terug problemen krijgt. Zo kun je het programma of driver achterhalen die voor de problemen verantwoordelijk is

[RScheepers]

OK,

Ik heb dat gedaan en kwam uit op de volgende services:

NVIDIA Display Driver Service

NVIDIA Udpdate servcie daemon

partner service

Cyberlink RichVideo service

skyper updater

steam client service

nvidia stereoscopic 3 driver

teamviewer 8

intel turbo boost technology

intel management & security

VideAceWindowService

[Dasle]

Zorgen alle die je hierboven noemt voor problemen

[kweezie wabbit]

Die partner service wijst op een besmetting met malware.

Zou je het volgende kunnen doen zodat we dit kunnen aanpakken.

1. Download HijackThis. (klik er op)

De download start automatisch na 5 seconden.

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere PC en het bestand met een USB-stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden. Dit kan je HIER doen.

Sla deze op in een nieuwe map op de C schijf (bvb C:\\hijackthis) en start hijackthis dan vanaf deze map. De logjes kan je dan ook in die map terugvinden.

---

2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)

---

3. Na het plaatsen van je logje wordt dit door een expert nagekeken en hij begeleidt jou verder door het ganse proces.

Tip!

Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.

[RScheepers]

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:14:48, on 26-6-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16611)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

D:\Programma's\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

D:\Programma's\Hjackthis\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O4 - HKLM\..\Run: [avgnt] "D:\Programma's\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programma's\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programma's\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programma's\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programma's\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Programma's\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Programma's\Avira\AntiVir Desktop\avguard.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Razer Surround Audio Service (RzMaelstromVADStreamingService) - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10624 bytes

[kweezie wabbit]

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

Klik op 'Fix checked' om de items te verwijderen.

Download MalwareBytes' Anti-Malware (website) en sla het op je bureaublad op.

Zorg dat er na de installatie een vinkje is geplaatst bij:

• Update MalwareBytes' Anti-Malware
  
• Start MalwareBytes' Anti-Malware
  
• Je krijgt hier ook de keuze om de evaluatie versie van MBAM te gebruiken, indien je dit niet wilt vink dit dan uit.
  

Klik daarna op "Voltooien".

Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

Bij problemen!!! (Lees de onderstaande instructies)

• Malwarebytes' Anti-Malware Chameleon
  
• Problemen bij het installeren van Malwarebytes' Anti-Malware
  
• Problemen bij het updaten van Malwarebytes' Anti-Malware
  
• Problemen bij het starten van Malwarebytes' Anti-Malware
  

• Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
  
• Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
  
• Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
  
• Druk vervolgens op "Scannen" om de scan te starten.
  
• Het scannen kan een tijdje duren, dus wees geduldig.
  
• Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
  
• Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
  
• Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
  
• Herstart de computer indien nodig en post hierna de log in het volgende bericht, samen met een nieuw logje van hijackthis.
  

[RScheepers]

Malwarebytes Anti-Malware 1.75.0.1300

Malwarebytes : Free anti-malware download

Databaseversie: v2013.06.26.01

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16618

Roy :: XPEKE [administrator]

26-6-2013 12:19:56

mbam-log-2013-06-26 (12-19-56).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 237490

Verstreken tijd: 4 minuut/minuten, 58 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:27:26, on 26-6-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16611)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

D:\Programma's\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

D:\Programma's\Hjackthis\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [avgnt] "D:\Programma's\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] D:\Programma's\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programma's\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programma's\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programma's\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programma's\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Programma's\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Programma's\Avira\AntiVir Desktop\avguard.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10084 bytes

[kweezie wabbit]

Dat ziet er allemaal prima uit.

Nog een extra controle.

Download zoek.exe naar het bureaublad.

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
  (hier of hier) kan je lezen hoe je dat doet.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
  
  • Running processes
    
  • Recently Created
    
  • Startup Information
    
  • Installed Programs
    
  • HijackThis Log
    
  • Shortcut Fix
    
  • Auto Clean
    

  [*] Klik nu op de knop "Run script".

  [*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

  [*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

  [*] Post nu de inhoud van het geopende logje in het volgende bericht.

[RScheepers]

Zoek.exe Version 4.0.0.2 Updated 25-June-2013

Tool run by Roy on wo 26-06-2013 at 12:59:36,07.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

==== Running Processes ======================

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Windows\System32\spoolsv.exe

D:\Programma's\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

D:\Programma's\Avira\AntiVir Desktop\avguard.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

D:\Programma's\Avira\AntiVir Desktop\avshadow.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe

C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

D:\Programma's\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\svchost.exe -k SDRSVC

D:\Programma's\Hjackthis\Trend Micro\HiJackThis\HiJackThis.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

D:\programma's\avira\antivir desktop\avcenter.exe

D:\Downloads\zoek.exe

C:\Windows\system32\conhost.exe

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

æTorrent

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.03)

Adobe Shockwave Player 12.0

Alcor Micro USB Card Reader

Alice Greenfingers

ASUS AI Recovery

ASUS AP Bank

ASUS FancyStart

ASUS Live Update

ASUS MultiFrame

ASUS Power4Gear Hybrid

ASUS SmartLogon

ASUS Splendid Video Enhancement Technology

ASUS Video Magic

ASUS Virtual Camera

ASUS_N3_Series

ATK Package

Avira Free Antivirus

Bing Bar

Boingo Wi-Fi

Canon IJ Network Tool

Canon MP495 series MP Drivers

CCleaner

Chicken Invaders 2

Choice Guard

ControlDeck

CyberLink LabelPrint

CyberLink MediaShow Espresso

CyberLink PhotoNow

CyberLink Power2Go

CyberLink PowerDirector

CyberLink PowerDVD 9

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dream Day Wedding Married in Manhattan

ETDWare PS/2-x64 7.0.5.13_WHQL

ExpressGate Cloud

Fast Boot

Fresco Logic USB3.0 Host Controller

Game Dev Tycoon versie 1.3.9

Game Park Console

Google Chrome

Google Drive

Google Toolbar for Internet Explorer

Google Update Helper

HD Tune 2.55

HF pAppLoc version 1.0

HiJackThis

Intel® Management Engine Components

Intel© Turbo Boost Technologie monitor 2.6

Java 7 Update 21

Java Auto Updater

Junk Mail filter update

League of Legends

Malwarebytes Anti-Malware versie 1.75.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile NLD Language Pack

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Extended NLD Language Pack

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Windows Application Compatibility Database

MSVCRT

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

NVIDIA-configuratiescherm 320.18

NVIDIA 3D Vision stuurprogramma 320.18

NVIDIA GeForce Experience 1.5

NVIDIA Grafisch stuurprogramma 320.18

NVIDIA HD Audio-stuurprogramma 1.3.24.2

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX systeemsoftware 9.12.1031

NVIDIA Stereoscopic 3D Driver

NVIDIA Update 4.11.9

NVIDIA Update Components

Pando Media Booster

piaip AppLocale

Piggly FREE

PowerISO

Prime World version 9.7.2

Razer Game Booster

Razer Surround

Razer Synapse 2.0

Realtek High Definition Audio Driver

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition

Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Sid Meier's Civilization V

SkypeT 6.5

Smileyville FREE

SonicMaster

Steam

swMSM

syncables desktop SE

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

Taalpakket voor Microsoft .NET Framework 4 Extended - NLD

TeamViewer 8

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

USB2.0 UVC 2M WebCam

VLC media player 2.0.6

Windows 7 Upgrade Advisor

Windows Live - Hulpprogramma voor uploaden

Windows Live aanmeldhulp

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sync

Windows Live Writer

WinFlash

WinRAR 4.20 (64-bit)

Wireless Console 3

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Partner Service deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Partner Service deleted successfully

==== Deleting Files \ Folders ======================

"C:\Users\All Users\Partner\Partner.dll" deleted

"C:\ProgramData\Partner" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-06-15 12:21:04 2BCCF6675893FE93D53753127C7EBD21 495836983 ----a-w- C:\Windows\MEMORY.DMP

====== C:\Users\Roy\AppData\Local\Temp ====

2013-06-22 01:58:27 B1957B038895642DF9F662326E7D4DDC 903080 ----a-w- C:\Users\Roy\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

2013-06-18 21:06:51 0366198B574AE15D5D625097B0386473 5316608 ----a-w- C:\Users\Roy\AppData\Local\Temp\vlc-2.0.7-win32.exe

2013-06-16 07:07:27 F10E9620F1D0EDEC56C0C1E1790CEAB9 31668328 ----a-w- C:\Users\Roy\AppData\Local\Temp\SkypeSetup.exe

====== C:\Windows\SysWOW64 =====

2013-06-15 18:34:57 E6446AB7A7E602CAFF51ACA3C68C1526 269312 ----a-w- C:\Windows\SysWOW64\aaclient.dll

2013-06-15 18:34:57 D3F64318307CEC05CBDE533D99976532 16896 ----a-w- C:\Windows\SysWOW64\wksprtPS.dll

2013-06-15 18:34:57 A9D4140B8B843D5719F7C3EED8C0F9FD 37376 ----a-w- C:\Windows\SysWOW64\tsgqec.dll

2013-06-15 18:34:57 8999F18D38D55E34D356796507FFD639 192000 ----a-w- C:\Windows\SysWOW64\rdpendp_winip.dll

2013-06-15 18:34:57 3F853160DEE5B71B9AD2F1BAF2B1E55B 46592 ----a-w- C:\Windows\SysWOW64\MsRdpWebAccess.dll

2013-06-15 18:34:55 40FF6C636380A87DE3A99F4E348BFDCB 1048064 ----a-w- C:\Windows\SysWOW64\mstsc.exe

2013-06-15 18:34:54 EF1689081813A60D4610FF429530BA36 4916224 ----a-w- C:\Windows\SysWOW64\mstscax.dll

2013-06-15 18:29:38 F67B1B348CBBCB60DAEC276712582E8C 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2013-06-15 18:29:37 B3DC4D1658093C1E486CA9F22180BECF 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2013-06-15 18:29:36 F383B1AD5D7FDC1ACB0D900B50572F8D 2046976 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2013-06-15 18:29:35 5E2D9C88284AA3BECF15BEA0920A1903 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll

2013-06-15 18:29:32 FCA0837B2739C044EEC00AF0DDD73FFC 13760512 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2013-06-15 18:29:25 05920BD009621D06722A1CD339DA6481 14327808 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2013-06-15 18:28:24 AF78F66116814FDD6677CEBD73035CDD 247808 ----a-w- C:\Windows\SysWOW64\schannel.dll

2013-06-15 18:28:20 BFB26890612FB8AE8B0463EBEBE84B7E 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll

2013-06-15 18:28:20 A113AFEED3159A1ED52D78CB0226006D 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll

2013-06-15 18:28:18 33B26FA5DBEB69FFAB703EDCB4E6DE4A 514560 ----a-w- C:\Windows\SysWOW64\qdvd.dll

2013-06-15 18:28:15 5B2E4E90C04FB9AE9F2C5E99FF59B283 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll

2013-06-15 18:28:09 45FBAFFA68CBC29AC2563985CEE72B9C 24576 ----a-w- C:\Windows\SysWOW64\cryptdlg.dll

2013-06-15 18:27:18 6DE66FE7C526637E74CD066461C7C871 1505280 ----a-w- C:\Windows\SysWOW64\d3d11.dll

2013-06-12 21:54:50 DD09C65E52F3D5574F9774EE0D4DAA57 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2013-06-12 21:54:50 CE3EC9D85ED88ED4AD948B90BB9ED31D 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-06-12 21:54:50 A10E7B582DEA86572510CB73CCCECA34 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2013-06-12 21:54:50 9593EA1AE5F39C1174B532213D47664B 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll

2013-06-12 21:54:48 0FEED965B909BA2D210CE78C21626A69 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2013-06-12 21:54:47 091C7153A1292F19BE34FAC07FFF12EC 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll

2013-06-12 21:54:45 97FA62873FF759574B20DF39FF22CC27 2877440 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2013-06-12 21:54:42 4395AC0BC02009AFAAB01368BA38AF30 39424 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2013-06-12 21:54:42 2473CA6595A2659D7039A4A89FECA269 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll

2013-06-12 16:11:35 FC415B303B1ECF80B5F130A1F7203D02 492544 ----a-w- C:\Windows\SysWOW64\win32spl.dll

2013-06-12 16:11:22 92245C959E5BC378809D2CC5E9F6E9C7 1160192 ----a-w- C:\Windows\SysWOW64\crypt32.dll

2013-06-12 16:11:22 8A8B277067C22F4BF6AA9A31692FC4D3 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll

2013-06-12 16:11:22 0D52559AEF4AA5EAC82F530617032283 903168 ----a-w- C:\Windows\SysWOW64\certutil.exe

2013-06-12 16:11:21 CC917AC4D3F8756FF13174980B474791 43008 ----a-w- C:\Windows\SysWOW64\certenc.dll

2013-06-12 16:11:21 3897DFF247D9ED0006190349DE264E14 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-06-15 18:35:05 E9A0777DCA9148157E0EF9B71D7DE353 15360 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll

2013-06-15 18:35:05 7B619C36F84720CB6AB77031B6F4FA60 13312 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyExtension.dll

2013-06-15 18:35:05 0E894692EB8579703FB1EC8AB6908571 13312 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyControl.exe

2013-06-15 18:34:57 F059D17612BF074443C01FCCC8D5C905 54272 ----a-w- C:\Windows\Sysnative\MsRdpWebAccess.dll

2013-06-15 18:34:57 E98E2152251EB2576714B2CCE01555DC 44032 ----a-w- C:\Windows\Sysnative\tsgqec.dll

2013-06-15 18:34:57 9EB297848DAACF111C36B6048EFF5AEA 43520 ----a-w- C:\Windows\Sysnative\TsUsbGDCoInstaller.dll

2013-06-15 18:34:57 87E8244DCB33A7A0836C66389B8874B6 322560 ----a-w- C:\Windows\Sysnative\aaclient.dll

2013-06-15 18:34:57 09112DADA82F4700F833C2E40DFB59FC 18432 ----a-w- C:\Windows\Sysnative\wksprtPS.dll

2013-06-15 18:34:56 D346E07D62E3D4BEAB040939744EC31B 228864 ----a-w- C:\Windows\Sysnative\rdpendp_winip.dll

2013-06-15 18:34:56 AE8535663AA64318D174CD7CA44ED947 62976 ----a-w- C:\Windows\Sysnative\TSWbPrxy.exe

2013-06-15 18:34:56 AD4D0AEDB5993EDA31EB80A54EDBC344 243200 ----a-w- C:\Windows\Sysnative\rdpudd.dll

2013-06-15 18:34:55 98C04A60A10777D99B569636C55FE91C 1123840 ----a-w- C:\Windows\Sysnative\mstsc.exe

2013-06-15 18:34:55 8F69EE5E0EB0779DC3E90DFD8D8E8683 3174912 ----a-w- C:\Windows\Sysnative\rdpcorets.dll

2013-06-15 18:34:55 6846ECABF7034DD97EE1DE38F1DA16B4 384000 ----a-w- C:\Windows\Sysnative\wksprt.exe

2013-06-15 18:34:54 FF16B21E5C0C46A70B2CD4F65B87D9F1 5773824 ----a-w- C:\Windows\Sysnative\mstscax.dll

2013-06-15 18:29:38 14DAE73A3B8599329329ADB2604E62A4 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2013-06-15 18:29:37 C9152A497D0CA33CE9D729F1179DDB01 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll

2013-06-15 18:29:35 1BDF694C5BA91A1576DA907DA3077EF8 2648064 ----a-w- C:\Windows\Sysnative\iertutil.dll

2013-06-15 18:29:34 9AD5D9CE1D07B76176615723D1E6217D 526336 ----a-w- C:\Windows\Sysnative\ieui.dll

2013-06-15 18:29:32 AB2F2F56064E8AA8634C790956860A3D 15404544 ----a-w- C:\Windows\Sysnative\ieframe.dll

2013-06-15 18:29:29 5C41AF3F4B83340D2783CE8FDE30566A 19233792 ----a-w- C:\Windows\Sysnative\mshtml.dll

2013-06-15 18:28:24 B7D42CB36C08FA017E73FF2433CD7287 340992 ----a-w- C:\Windows\Sysnative\schannel.dll

2013-06-15 18:28:21 685527DA09EBFB681E98C515978BDEE2 1448448 ----a-w- C:\Windows\Sysnative\lsasrv.dll

2013-06-15 18:28:18 973131EB99BE1E19DAC502CB724E72A5 366592 ----a-w- C:\Windows\Sysnative\qdvd.dll

2013-06-15 18:28:16 3D7BB6DD7A87B3E36E44CA94444247A8 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll

2013-06-15 18:28:10 C06FAAF13E37CE482F612AFF2D2331F3 30720 ----a-w- C:\Windows\Sysnative\cryptdlg.dll

2013-06-15 18:27:18 4C92EB7535CAA1681A77D928FBF9771F 1887232 ----a-w- C:\Windows\Sysnative\d3d11.dll

2013-06-12 21:54:50 D575B8A1E28747D8562A7EB0D95AAD74 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2013-06-12 21:54:50 8C42F591EA3D14004C0684ADD177941B 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll

2013-06-12 21:54:50 6D1CD9151AC8E10B6B7DBEAAD89A2E56 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe

2013-06-12 21:54:50 146A64604D96E82B03CD57B214E66632 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll

2013-06-12 21:54:49 5C9D6C25054683CEEC28935C1DDB03DF 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll

2013-06-12 21:54:48 4A420CB5E499E484B1E5E1CE010E6896 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2013-06-12 21:54:47 C928E6CC4DF7ED4620BAB3CE96262632 855552 ----a-w- C:\Windows\Sysnative\jscript.dll

2013-06-12 21:54:46 396D851E3B6ECB9990718C25567ABBB9 3958784 ----a-w- C:\Windows\Sysnative\jscript9.dll

2013-06-12 21:54:42 5AD28C210D17029694554420022E1074 53248 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2013-06-12 21:54:41 12716D987D475B051F35895659159705 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll

2013-06-12 16:11:35 67CF11E00D026A5C0C88EA5F84D501E5 751104 ----a-w- C:\Windows\Sysnative\win32spl.dll

2013-06-12 16:11:22 D8129C49798CBBFB2E4351D4B7B8EF9C 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll

2013-06-12 16:11:22 A96D5ECA5742603E0E345C4F6B801F5E 1464320 ----a-w- C:\Windows\Sysnative\crypt32.dll

2013-06-12 16:11:22 4586B77B18FA9A8518AF76CA8FD247D9 1192448 ----a-w- C:\Windows\Sysnative\certutil.exe

2013-06-12 16:11:22 2C4C22EA1735F21F355EB1A39832F7DF 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll

2013-06-12 16:11:21 189B0BAE1B0EDD51CEF1CD3F4CDEE02E 52224 ----a-w- C:\Windows\Sysnative\certenc.dll

====== C:\Windows\Sysnative\drivers =====

2013-06-26 10:18:53 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

2013-06-25 16:40:02 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_rzudd_01009.Wdf

2013-06-24 04:50:21 4BDDB42CB6BF46452FA7155EA5381576 83160 ----a-w- C:\Windows\Sysnative\drivers\avnetflt.sys

2013-06-23 16:59:32 490FA25161BF3E51993EB724ECF0ACEB 28600 ----a-w- C:\Windows\Sysnative\drivers\avkmgr.sys

2013-06-23 16:59:32 488486DAD09A5B6C6DBB8B990A8B2307 130016 ----a-w- C:\Windows\Sysnative\drivers\avipbb.sys

2013-06-23 16:59:32 09E6069EF94B345061B4BD3CEBD974C8 100712 ----a-w- C:\Windows\Sysnative\drivers\avgntflt.sys

2013-06-15 18:35:02 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys

2013-06-15 18:35:01 17C6B51CBCCDED95B3CC14E22791F85E 57856 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys

2013-06-15 18:28:23 AAFCB52FE0037207FB6FBEA070D25EFE 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys

2013-06-15 18:28:22 7EFB9333E4ECCE6AE4AE9D777D9E553E 154480 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys

2013-06-12 16:11:36 9849EA3843A2ADBDD1497E97A85D8CAE 1910632 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

2013-06-12 03:30:21 7A711D08F1FD1AB8149B6199F84A0EB7 11216160 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys

2013-05-29 17:18:27 CCEDD47ABD068C58C8513DEB785093BB 3379272 ----a-w- C:\Windows\Sysnative\drivers\RTKVHD64.sys

2013-05-29 17:18:25 AADAFDA81303668BE6ED82AA357564CE 449481 ----a-w- C:\Windows\Sysnative\drivers\RTAIODAT.DAT

====== C:\Windows\Tasks ======

2013-05-31 16:04:20 CD5CA3E5ACE7E9EBE3B5984EBB34FA8E 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-05-31 16:04:20 930A6E9F96525624397DD6A13FDE4D74 3878 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater

2013-05-29 17:13:16 F6755351AAB28B8B834934A75BB17F6B 3140 ----a-w- C:\Windows\Sysnative\Tasks\Razer_Game_Booster_AutoUpdate

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-06-19 17:03:46 -------- d-----w- C:\Program Files\Intel

2013-06-15 18:36:27 -------- d-----w- C:\Program Files\Microsoft Silverlight

2013-06-03 18:41:19 -------- d--h--w- C:\Program Files\CanonBJ

======= C:\Program Files (x86) =====

2013-06-25 16:34:59 -------- d-----w- C:\Program Files (x86)\Razer

2013-06-19 17:00:05 -------- d-----w- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor

2013-06-15 18:36:27 -------- d-----w- C:\Program Files (x86)\Microsoft Silverlight

2013-06-06 16:31:59 -------- d-----w- C:\Program Files (x86)\Common Files\Steam

2013-06-03 18:46:43 -------- d-----w- C:\Program Files (x86)\Canon

2013-05-31 16:03:53 -------- d-----w- C:\Program Files (x86)\Common Files\Adobe

======= C: =====

2013-06-23 13:39:37 5E3EEFE750355FCE32938F39D623DBB7 8993 ----a-w- C:\tasklist.txt

====== C:\Users\Roy\AppData\Roaming ======

2013-06-23 17:05:02 -------- d-----w- C:\users\Roy\AppData\Roaming\Avira

2013-06-21 10:19:27 -------- d-----w- C:\users\Roy\AppData\Local\WpfApplication1

2013-06-21 06:32:40 -------- d-----w- C:\users\Default\AppData\Local\Google

2013-06-21 06:32:40 -------- d-----w- C:\users\Default User\AppData\Local\Google

2013-06-19 17:02:56 -------- d-----w- C:\users\Roy\AppData\Roaming\InstallShield

2013-06-19 17:00:47 -------- d-----w- C:\users\Roy\AppData\Local\Microsoft Corporation

2013-06-15 16:01:24 -------- d-----w- C:\users\Roy\AppData\Locallow\Adobe

2013-06-12 03:34:32 -------- d-sh--we C:\users\UpdatusUser\AppData\Local\Temporary Internet Files

2013-06-12 03:34:32 -------- d-sh--we C:\users\UpdatusUser\AppData\Local\Geschiedenis

2013-06-12 03:34:32 -------- d-sh--we C:\users\UpdatusUser\AppData\Local\Application Data

2013-06-12 03:34:31 -------- d-s---w- C:\users\UpdatusUser\AppData\Roaming\Microsoft

2013-06-12 03:34:31 -------- d-----w- C:\users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite

2013-06-12 03:34:31 -------- d-----w- C:\users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic

2013-06-12 03:34:31 -------- d-----w- C:\users\UpdatusUser\AppData\Roaming\Media Center Programs

2013-06-12 03:34:31 -------- d-----w- C:\users\UpdatusUser\AppData\Local\Temp

2013-06-12 03:34:31 -------- d-----w- C:\users\UpdatusUser\AppData\Local\Microsoft Help

2013-06-12 03:34:31 -------- d-----w- C:\users\UpdatusUser\AppData\Local\Microsoft

2013-06-12 03:34:31 -------- d-----r- C:\users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-06-12 03:34:31 -------- d-----r- C:\users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-06-11 18:08:05 -------- d-----w- C:\users\Roy\AppData\Roaming\NVIDIA

2013-06-08 12:35:17 -------- d-----w- C:\users\Roy\AppData\Local\ASUS

2013-06-06 17:15:30 -------- d-----w- C:\users\Roy\AppData\Local\My Games

2013-06-06 16:54:56 -------- d-----w- C:\users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2013-06-02 09:01:40 -------- d-----w- C:\users\Roy\AppData\Local\Magentic

2013-05-31 21:18:03 -------- d-----w- C:\users\Roy\AppData\Local\Game Dev Tycoon

2013-05-29 17:12:32 -------- d-----w- C:\users\Roy\AppData\Local\Razer

2013-05-29 17:10:56 -------- d-----w- C:\users\Roy\AppData\Local\Programs

2013-05-27 14:10:01 -------- d-----w- C:\users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale

====== C:\Users\Roy ======

2013-06-26 08:43:13 -------- d-----w- C:\ProgramData\RzMaelstromVAD_1.1.41.1089

2013-06-23 16:59:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2013-06-23 16:59:30 -------- d-----w- C:\ProgramData\Avira

2013-06-23 08:40:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune

2013-06-21 10:18:13 46FF3CAAD3935B11F8686FD14B9F4ED5 7376906 ----a-w- C:\Users\Roy\Desktop\SSS.exe

2013-06-19 17:03:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

2013-06-15 18:52:34 -------- d-----w- C:\ProgramData\Uniblue

2013-06-15 18:37:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2013-06-12 03:34:33 -------- d-----w- C:\Users\UpdatusUser\Searches

2013-06-12 03:34:33 -------- d-----w- C:\Users\UpdatusUser\Contacts

2013-06-12 03:34:32 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\UpdatusUser\ntuser.ini

2013-06-12 03:34:32 -------- d-sh--we C:\Users\UpdatusUser\Sjablonen

2013-06-12 03:34:32 -------- d-sh--we C:\Users\UpdatusUser\SendTo

2013-06-12 03:34:32 -------- d-sh--we C:\Users\UpdatusUser\Recent

2013-06-12 03:34:32 -------- d-sh--we C:\Users\UpdatusUser\Netwerkprinteromgeving

2013-06-12 03:34:32 -------- d-sh--we C:\Users\UpdatusUser\NetHood

2013-06-12 03:34:32 -------- d-sh--we C:\Users\UpdatusUser\Mijn documenten

2013-06-12 03:34:32 -------- d-sh--we C:\Users\UpdatusUser\Menu Start

2013-06-12 03:34:32 -------- d-sh--we C:\Users\UpdatusUser\Local Settings

2013-06-12 03:34:32 -------- d-sh--we C:\Users\UpdatusUser\Cookies

2013-06-12 03:34:32 -------- d-sh--we C:\Users\UpdatusUser\Application Data

2013-06-12 03:34:31 -------- d--h--w- C:\Users\UpdatusUser\AppData

2013-06-12 03:34:31 -------- d-----w- C:\Users\UpdatusUser\Saved Games

2013-06-12 03:34:31 -------- d-----r- C:\Users\UpdatusUser\Videos

2013-06-12 03:34:31 -------- d-----r- C:\Users\UpdatusUser\Pictures

2013-06-12 03:34:31 -------- d-----r- C:\Users\UpdatusUser\Music

2013-06-12 03:34:31 -------- d-----r- C:\Users\UpdatusUser\Links

2013-06-12 03:34:31 -------- d-----r- C:\Users\UpdatusUser\Favorites

2013-06-12 03:34:31 -------- d-----r- C:\Users\UpdatusUser\Downloads

2013-06-12 03:34:31 -------- d-----r- C:\Users\UpdatusUser\Documents

2013-06-12 03:34:31 -------- d-----r- C:\Users\UpdatusUser\Desktop

2013-06-11 18:08:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2013-06-11 18:03:18 -------- d-----w- C:\ProgramData\NVIDIA Corporation

2013-06-08 12:35:19 -------- d-----w- C:\ProgramData\ASUS

2013-06-06 16:31:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2013-06-03 18:47:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP495 series

2013-06-03 18:46:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities

2013-06-03 18:46:43 -------- d-----w- C:\ProgramData\Canon IJ Network Tool

2013-06-03 18:41:58 -------- d--h--w- C:\ProgramData\CanonBJ

2013-05-31 21:12:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Dev Tycoon

2013-05-29 17:11:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer

2013-05-29 17:11:20 -------- d-----w- C:\ProgramData\Razer

====== C: exe-files ==

2013-06-25 16:41:55 B17E29F9F5C8C3C2D08C0F276B914631 106344 ----a-w- C:\Users\Roy\AppData\Local\Temp\RzUpdater\CompressionExtraction\RzSettingsConverter.exe

2013-06-25 16:41:46 A4ABBECD6634142A2BDE67D67E2021F8 42808 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\Razer Surround\Razer Surround_Uninstaller.exe

2013-06-25 16:41:24 92EB61E2107E8B271B0927ECC7220DDE 32915 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\RazerNagaConfig\RazerNagaConfig_Uninstaller.exe

2013-06-25 16:41:24 1EB94A030AB862DC5F0ED3E2D5263207 51003568 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_Surround_Configurator_v1.08.20.exe

2013-06-25 16:41:17 677383CB53A0E930336E716DF63CC396 11891504 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_Naga_Config_v1.10.06.exe

2013-06-25 16:40:39 465E50B27CB6F9FAFC3681675181CCD9 43395 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\Razer_Common_Driver\RazerCommonDriverUninstaller.exe

2013-06-25 16:40:39 30457B4F885ACC69C000BF7D3D590BBD 3725160 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_Surround_Driver_v1.00.08.exe

2013-06-25 16:39:07 9B34B3B603E8FD4F56D1F2620BC0C061 32949 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\DeviceInfo\DeviceInfo_Uninstaller.exe

2013-06-25 16:39:07 75A2881211796A566FC80F86229917C7 6242392 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_Common_Driver_v1.17.00.exe

2013-06-25 16:39:06 5DD9A14C757EEB6A387F4677AC9D6D97 1443920 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_DeviceInfo_v1.01.03_01.exe

2013-06-25 16:39:03 FFD47CE1EBAAD0E73C4F3D80B75741C9 3376816 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\RzCommonConfig_v2.13.08.exe

2013-06-25 16:39:01 CA96CA0CE8C1CD5ECC8C58B253CD67BD 32881 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\RazerFonts\RazerFonts_Uninstaller.exe

2013-06-25 16:39:01 7CACFC4EDFA7B8492A2EC0976ECA7C02 1408584 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_DeviceSetup_v1.00.02.exe

2013-06-25 16:38:55 B498C3CF9913CE4C5021F979857B15B5 11670304 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_SynapseFonts_v1.00.00.exe

2013-06-25 16:38:27 BF194D1E5B84A4B984C4679FCFC69386 282488 ----a-w- C:\Users\Roy\AppData\Local\Temp\RzUpdater\RzUpdateManager.exe

2013-06-25 16:37:15 E0B3ACC3D925B8A8B61012BFE9565800 32974 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\RazerCommonConfig\RazerCommonConfig_Uninstaller.exe

2013-06-22 13:59:19 3D0516A120E2DDD677296B6E559D7A24 144992 ----a-w- C:\Users\Roy\AppData\Local\Temp\Rar$EXa0.147\BlueScreenView.exe

2013-06-22 01:58:27 B1957B038895642DF9F662326E7D4DDC 903080 ----a-w- C:\Users\Roy\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

2013-06-21 10:18:13 46FF3CAAD3935B11F8686FD14B9F4ED5 7376906 ----a-w- C:\Users\Roy\Desktop\SSS.exe

2013-06-20 13:53:43 EF09F291E7F97762AAC9BFD197844CB1 1902064 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00003e50\dao.16281631.exe

2013-06-19 19:53:33 80633916458CC8041D0F483B7633E9F6 1582944 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\27.0.1453.116\27.0.1453.116_27.0.1453.110_chrome_updater.exe

2013-06-19 17:02:56 77F9F5383C2AD57A6A2087F330AC01E8 14490328 ----a-w- C:\Users\Roy\AppData\Local\Temp\{ABC6E1E7-44C2-4D6B-9C35-615ADC33AAE2}\{671EC9B2-A0F0-4035-AA48-729EDC3C59EF}\TurboBoostSetup_x64.exe

=== C: other files ==

2013-06-26 10:18:53 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-06-25 16:41:55 ECC98FD01E7D9A9A242A5F7CF2454A50 317619 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_NagaConverter_v1.02.00.zip

2013-06-25 16:41:55 A2190715F6F3621C283D31CA870E6D55 346 ----a-w- C:\Users\Roy\AppData\Local\Temp\RzUpdater\CompressionExtraction\RzSettingsConverter.bat

2013-06-25 16:41:47 2C78D7B00AA0B7039557DCFC1701566E 1066994 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\NagaWoWAddOn_v2.04.00.zip

2013-06-24 04:50:21 4BDDB42CB6BF46452FA7155EA5381576 83160 ----a-w- C:\Windows\System32\drivers\avnetflt.sys

2013-06-23 16:59:32 490FA25161BF3E51993EB724ECF0ACEB 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys

2013-06-23 16:59:32 488486DAD09A5B6C6DBB8B990A8B2307 130016 ----a-w- C:\Windows\System32\drivers\avipbb.sys

2013-06-23 16:59:32 09E6069EF94B345061B4BD3CEBD974C8 100712 ----a-w- C:\Windows\System32\drivers\avgntflt.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avgnt"="D:\Programma's\Avira\AntiVir Desktop\avgnt.exe /min"

"Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Malwarebytes Anti-Malware"="D:\Programma's\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe ARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"hkey"="HKLM"

"item"="Adobe Reader Speed Launcher"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AmIcoSinglun64]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AmIcoSinglun64"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\AmIcoSingLun\\AmIcoSinglun64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]

"command"="C:\\Windows\\AsScrPro.exe"

"hkey"="HKLM"

"item"="ASUS Screen Saver Protector"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS WebStorage]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ASUS WebStorage"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\SERVICE\\AsusWSService.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATKMEDIA]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ATKMEDIA"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\ASUS\\ATK Package\\ATK Media\\DMedia.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\avgnt]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="avgnt"

"hkey"="HKLM"

"command"="\"D:\\Programma's\\Avira\\AntiVir Desktop\\avgnt.exe\" /min"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Boingo Wi-Fi]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Boingo Wi-Fi"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Boingo\\Boingo Wi-Fi\\Boingo.lnk\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]

"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""

"hkey"="HKLM"

"item"="CLMLServer"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ETDWare]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ETDWare"

"hkey"="HKLM"

"command"="%ProgramFiles%\\Elantech\\ETDCtrl.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HControlUser]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HControlUser"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\ASUS\\ATK Package\\ATK Hotkey\\HControlUser.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelTBRunOnce]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="IntelTBRunOnce"

"hkey"="HKLM"

"command"="wscript.exe //b //nologo \"C:\\Program Files\\Intel\\TurboBoost\\RunTBGadgetOnce.vbs\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nvtmru]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Nvtmru"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\NVIDIA Corporation\\NVIDIA Update Core\\nvtmru.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pando Media Booster]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Pando Media Booster"

"hkey"="HKCU"

"command"="C:\\Program Files (x86)\\Pando Networks\\Media Booster\\PMB.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl9]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RemoteControl9"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Cyberlink\\PowerDVD9\\PDVD9Serv.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVBg]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RtHDVBg"

"hkey"="HKLM"

"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe /SF3 "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]

"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"

"hkey"="HKLM"

"item"="RtHDVCpl"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SonicMasterTray]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SonicMasterTray"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\ASUS\\SonicMaster\\SonicMasterTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Steam"

"hkey"="HKCU"

"command"="\"D:\\Programma's\\Steam\\Steam.exe\" -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SunJavaUpdateSched"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateLBPShortCut]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="UpdateLBPShortCut"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\CyberLink\\LabelPrint\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\LabelPrint\" UpdateWithCreateOnce \"Software\\CyberLink\\LabelPrint\\2.5\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateP2GoShortCut]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="UpdateP2GoShortCut"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\Power2Go\" UpdateWithCreateOnce \"SOFTWARE\\CyberLink\\Power2Go\\6.0\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdatePSTShortCut]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="UpdatePSTShortCut"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Cyberlink\\DVD Suite\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\Cyberlink\\DVD Suite\" UpdateWithCreateOnce \"Software\\CyberLink\\PowerStarter\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VAWinAgent]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="VAWinAgent"

"hkey"="HKLM"

"command"="C:\\ExpressGateUtil\\VAWinAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wireless Console 3]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Wireless Console 3"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\ASUS\\Wireless Console 3\\wcourier.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]

"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\FancyStart daemon.lnk"

"backup"="C:\\Windows\\pss\\FancyStart daemon.lnk.CommonStartup"

"backupExtension"=".CommonStartup"

"command"="C:\\Windows\\Installer\\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\\_C4A2FC3E3722966204FDD8.exe -d"

"item"="FancyStart daemon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvsvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvUpdatusService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Partner Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RichVideo]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RzMaelstromVADStreamingService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Steam Client Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Stereo Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TeamViewer8]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TurboBoost]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\UNS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VideAceWindowsService]

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task]

==== Chrome Look ======================

AdBlock - Roy - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Downloads - Roy - Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb

Auto HD For YouTube - Roy - Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak

Outlook.com - Roy - Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://asus.msn.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://asus.msn.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1439700463-4003808195-4181331985-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully

HKEY_USERS\S-1-5-21-1439700463-4003808195-4181331985-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully

HKEY_USERS\S-1-5-21-1439700463-4003808195-4181331985-1002\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully

==== Deleting CLSID Registry Values ======================

==== shortcuts on Users Desktops ======================

C:\Users\Roy\Desktop\CCleaner - Snelkoppeling.lnk - C:\Program Files (x86)\CCleaner\CCleaner.exe

C:\Users\Roy\Desktop\HiJackThis.lnk - C:\Users\Roy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

C:\Users\Roy\Desktop\lol.launcher.admin - Snelkoppeling.lnk - D:\Games\League of Legends\lol.launcher.admin.exe

C:\Users\Roy\Desktop\PokeGen - Snelkoppeling.lnk - D:\VGA\Pokegen\PokeGen.exe

C:\Users\Roy\Desktop\VisualBoyAdvance - Snelkoppeling.lnk - D:\VGA\VisualBoyAdvance.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

C:\Users\Public\Desktop\ASUS SonicMaster.lnk - C:\Windows\Installer\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}\SonicMaster.exe1_2FB5EF81A81643E584B5EF7AA82D06FF.exe

C:\Users\Public\Desktop\Avira Control Center.lnk - D:\Programma's\Avira\AntiVir Desktop\avcenter.exe

C:\Users\Public\Desktop\Canon IJ Network Tool.lnk - C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE

C:\Users\Public\Desktop\Game Dev Tycoon.lnk - D:\Games\Game Dev Tycoon\GameDevTycoon.exe

C:\Users\Public\Desktop\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - D:\Programma's\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Public\Desktop\PowerISO.lnk - D:\Programma's\Poweriso\PowerISO.exe

C:\Users\Public\Desktop\Prime World (English).lnk - D:\Games\Prime World English\PWLauncher.exe

C:\Users\Public\Desktop\Razer Game Booster.lnk - D:\Programma's\Razer Game Booster\GameBooster.exe

C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe

C:\Users\Public\Desktop\Steam.lnk - D:\Programma's\Steam\Steam.exe

C:\Users\Public\Desktop\TeamViewer 8.lnk - D:\Programma's\Teamviewer\Version8\TeamViewer.exe

C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk - C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor\WindowsUpgradeAdvisor.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic\ASUS Video Magic.lnk - C:\Program Files (x86)\CyberLink\DVD Suite\PowerStarter.exe

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite\LabelPrint\LabelPrint.lnk - C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite\LabelPrint\Online registratie.lnk - C:\Program Files (x86)\CyberLink\LabelPrint\OLRSubmission\OLRSubmission.exe /LANG:NLD

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite\Power2Go\Online registratie.lnk - C:\Program Files (x86)\CyberLink\Power2Go\OLRSubmission\OLRSubmission.exe /LANG:NLD

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite\Power2Go\Power2Go Express.lnk - C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite\Power2Go\Power2Go.lnk - C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Roy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale\AppLocale.lnk - C:\Users\Roy\AppData\Roaming\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_294823.exe

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale\readme.lnk - C:\Users\Roy\AppData\Roaming\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_18be6784.exe

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - D:\Programma's\Steam\Steam.exe

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR-handleiding.lnk - D:\Programma's\WinRar\Rar.txt

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - D:\Programma's\WinRar\WinRAR.chm

C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - D:\Programma's\WinRar\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk - D:\Programma's\Teamviewer\Version8\TeamViewer.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk - C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor\WindowsUpgradeAdvisor.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Free Antivirus Help.lnk - D:\Programma's\Avira\AntiVir Desktop\avwin.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Free Antivirus starten.lnk - D:\Programma's\Avira\AntiVir Desktop\avcenter.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira op internet.lnk - D:\Programma's\Avira\AntiVir Desktop\weblink.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Leesmij weergeven.lnk - D:\Programma's\Avira\AntiVir Desktop\readme.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP495 series\Leesmij.lnk - C:\Program Files (x86)\CanonBJ\IJPrinter\Canon MP495 series\readme_Dutch.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Tool\IJ Network Tool.lnk - C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Dev Tycoon\Game Dev Tycoon.lnk - D:\Games\Game Dev Tycoon\GameDevTycoon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Dev Tycoon\Verwijder Game Dev Tycoon.lnk - D:\Games\Game Dev Tycoon\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune Manual.lnk - D:\Programma's\HD Tune\hdtune.html

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune on the Web.lnk - D:\Programma's\HD Tune\HDTune.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune.lnk - D:\Programma's\HD Tune\HDTune.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\Uninstall HD Tune.lnk - D:\Programma's\HD Tune\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Turbo Boost Technologie monitor 2.6.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - D:\Programma's\Malwarebytes' Anti-Malware\mbam.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - D:\Programma's\Malwarebytes' Anti-Malware\mbam.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - D:\Programma's\Malwarebytes' Anti-Malware\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - D:\Programma's\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /disable

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /enable

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Game Booster\Razer Game Booster.lnk - D:\Programma's\Razer Game Booster\GameBooster.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Synapse 2.0\Razer Synapse 2.0.lnk - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe -launch

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.lnk - C:\Windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C92.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - D:\Programma's\Steam\Steam.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Roy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Roy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Roy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Roy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Roy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Roy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mobility Center.lnk -

C:\Users\Roy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Roy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\Roy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Taakbeheer.lnk - C:\Windows\System32\taskmgr.exe

C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [avgnt] "D:\Programma's\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] D:\Programma's\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programma's\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programma's\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programma's\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programma's\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Programma's\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Programma's\Avira\AntiVir Desktop\avguard.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Roy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Roy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RBH0ETVW will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\users\Roy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Roy\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Roy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RBH0ETVW" not found

==== EOF on wo 26-06-2013 at 13:09:31,13 ======================