
HJTh log



Dear PCH,

My daughter's laptop (Windows 7) had become very slow. I scanned it with all sorts of things and I must admit it has improved a lot, but I would like the HJThis specialists to look at my log below to see whether there are still any little tools, or whatever else, that may be removed.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:11:12, on 30/10/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16720)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Users\Van Gent\Desktop\HijackThis2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://foto.hema.be/ips-opdata/layout/hema/objects/canvasx.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab

O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - MSN Games - Free Online Games

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 8511 bytes

Thank you.

Regards, djdanvan


These days we work with other analysis tools.

Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, a Notepad file named "Log" is opened.
  • Paste its contents into your next post.


Juisterr;

First of all, thanks for the quick reply and the info. Has HJTH had its day?

Below is the new log.

Regards, djdanvan

Logfile of random's system information tool 1.09 (written by random/random)

Run by Van Gent at 2013-10-30 19:53:18

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 10 GB (4%) free of 226 GB

Total RAM: 3002 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:53:22, on 30/10/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16720)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files\trend micro\Van Gent.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://foto.hema.be/ips-opdata/layout/hema/objects/canvasx.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab

O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - MSN Games - Free Online Games

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9176 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Program Files\Bonjour\mDNSResponder.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"

"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun

"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"

"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"

"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"

"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe"

"C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe"

"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"

"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe"

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\SysWOW64\PnkBstrB.exe

"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"

C:\Windows\System32\svchost.exe -k secsvcs

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"

WLIDSvcM.exe 2148

"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"

"C:\Program Files\iPod\bin\iPodService.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\system32\svchost.exe -k SDRSVC

"C:\Windows\system32\wuauclt.exe"

"C:\Program Files\Internet Explorer\iexplore.exe" -w "C:\Users\Van Gent\Desktop\PC Helpforum - Gratis hulp bij computer problemen.website"

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4052 CREDAT:267521 APPID:Microsoft.Website.F2AA260F.94004CAA /prefetch:2

C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -Embedding

C:\Windows\system32\sppsvc.exe

"C:\Users\Van Gent\Desktop\RSITx64.exe"

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-09 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-09 194640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-09 256080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management]

C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-08-06 828960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

C:\Windows\system32\hkcmd.exe [2010-08-25 386584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]

C:\Program Files (x86)\Launch Manager\LManager.exe [2009-07-27 1157128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]

C:\Windows\system32\igfxpers.exe [2010-08-25 415256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-10-23 152392]

"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2013-10-02 163896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableSecureUIAPath"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=149

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-10-30 19:53:18 ----D---- C:\rsit

2013-10-30 19:53:18 ----D---- C:\Program Files\trend micro

2013-10-30 15:50:23 ----D---- C:\Windows\CheckSur

2013-10-30 15:07:18 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2013-10-30 15:07:18 ----A---- C:\Windows\system32\drivers\usbport.sys

2013-10-30 15:07:18 ----A---- C:\Windows\system32\drivers\usbohci.sys

2013-10-30 15:07:18 ----A---- C:\Windows\system32\drivers\usbhub.sys

2013-10-30 15:07:18 ----A---- C:\Windows\system32\drivers\usbehci.sys

2013-10-30 15:07:18 ----A---- C:\Windows\system32\drivers\usbd.sys

2013-10-30 15:07:18 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2013-10-30 13:46:29 ----D---- C:\ProgramData\Package Cache

2013-10-30 13:31:52 ----D---- C:\Windows\system32\MRT

2013-10-30 11:40:51 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys

2013-10-30 11:39:50 ----D---- C:\Program Files\iPod

2013-10-30 11:39:49 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-30 11:39:49 ----D---- C:\Program Files\iTunes

2013-10-30 11:38:03 ----D---- C:\Program Files\Bonjour

2013-10-30 11:38:03 ----D---- C:\Program Files (x86)\Bonjour

2013-10-30 11:34:15 ----D---- C:\Program Files (x86)\QuickTime

2013-10-30 11:00:03 ----D---- C:\Users\Van Gent\AppData\Roaming\Windows Live Writer

2013-10-30 10:25:57 ----D---- C:\Windows\ERUNT

2013-10-30 10:25:55 ----A---- C:\DelFix.txt

2013-10-29 13:11:49 ----SHD---- C:\$RECYCLE.BIN

2013-10-29 13:11:46 ----D---- C:\Windows\temp

2013-10-29 12:53:06 ----D---- C:\Windows\erdnt

2013-10-29 12:12:16 ----D---- C:\AdwCleaner

2013-10-29 11:26:16 ----D---- C:\Users\Van Gent\AppData\Roaming\Malwarebytes

2013-10-29 11:26:04 ----D---- C:\ProgramData\Malwarebytes

2013-10-29 11:26:02 ----A---- C:\Windows\system32\drivers\mbam.sys

2013-10-29 11:26:01 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-10-29 09:07:50 ----AH---- C:\aaw7boot.cmd

2013-10-28 20:00:50 ----D---- C:\Program Files (x86)\VS Revo Group

2013-10-11 16:39:53 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-10-11 16:39:52 ----A---- C:\Windows\system32\ieui.dll

2013-10-11 16:39:51 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

2013-10-11 16:39:51 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2013-10-11 16:39:51 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2013-10-11 16:39:51 ----A---- C:\Windows\system32\iesetup.dll

2013-10-11 16:39:51 ----A---- C:\Windows\system32\iernonce.dll

2013-10-11 16:39:50 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2013-10-11 16:39:50 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-10-11 16:39:50 ----A---- C:\Windows\system32\iesysprep.dll

2013-10-11 16:39:50 ----A---- C:\Windows\system32\ie4uinit.exe

2013-10-11 16:39:48 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-10-11 16:39:46 ----A---- C:\Windows\system32\iertutil.dll

2013-10-11 16:39:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-10-11 16:39:38 ----A---- C:\Windows\system32\msfeeds.dll

2013-10-11 16:39:36 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-10-11 16:39:36 ----A---- C:\Windows\system32\jscript.dll

2013-10-11 16:39:33 ----A---- C:\Windows\system32\jscript9.dll

2013-10-11 16:39:30 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-10-11 16:39:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-10-11 16:39:28 ----A---- C:\Windows\system32\urlmon.dll

2013-10-11 16:39:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-10-11 16:39:24 ----A---- C:\Windows\system32\jsproxy.dll

2013-10-11 16:39:23 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-10-11 16:39:21 ----A---- C:\Windows\system32\wininet.dll

2013-10-11 16:39:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-10-11 16:39:15 ----A---- C:\Windows\system32\ieframe.dll

2013-10-11 16:39:08 ----A---- C:\Windows\system32\mshtml.dll

2013-10-11 16:38:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-10-10 17:49:47 ----A---- C:\Windows\system32\comctl32.dll

2013-10-10 17:49:46 ----A---- C:\Windows\SYSWOW64\comctl32.dll

2013-10-10 17:49:40 ----A---- C:\Windows\SYSWOW64\lpk.dll

2013-10-10 17:49:40 ----A---- C:\Windows\SYSWOW64\fontsub.dll

2013-10-10 17:49:40 ----A---- C:\Windows\SYSWOW64\dciman32.dll

2013-10-10 17:49:40 ----A---- C:\Windows\SYSWOW64\atmfd.dll

2013-10-10 17:49:40 ----A---- C:\Windows\system32\lpk.dll

2013-10-10 17:49:40 ----A---- C:\Windows\system32\fontsub.dll

2013-10-10 17:49:40 ----A---- C:\Windows\system32\dciman32.dll

2013-10-10 17:49:40 ----A---- C:\Windows\system32\atmfd.dll

2013-10-10 17:49:39 ----A---- C:\Windows\system32\atmlib.dll

2013-10-10 17:49:38 ----A---- C:\Windows\SYSWOW64\atmlib.dll

2013-10-10 17:49:38 ----A---- C:\Windows\system32\drivers\Wdf01000.sys

2013-10-10 17:49:31 ----A---- C:\Windows\system32\drivers\usbvideo.sys

2013-10-10 17:49:31 ----A---- C:\Windows\system32\drivers\usbcir.sys

2013-10-10 17:49:29 ----A---- C:\Windows\system32\drivers\usbscan.sys

2013-10-10 17:49:29 ----A---- C:\Windows\system32\drivers\hidparse.sys

2013-10-10 17:49:29 ----A---- C:\Windows\system32\drivers\hidclass.sys

2013-10-10 17:49:26 ----A---- C:\Windows\SYSWOW64\WebClnt.dll

2013-10-10 17:49:26 ----A---- C:\Windows\system32\WebClnt.dll

2013-10-10 17:49:25 ----A---- C:\Windows\SYSWOW64\davclnt.dll

2013-10-10 17:49:25 ----A---- C:\Windows\system32\drivers\mrxdav.sys

2013-10-10 17:49:25 ----A---- C:\Windows\system32\davclnt.dll

2013-10-10 17:49:20 ----A---- C:\Windows\SYSWOW64\mswsock.dll

2013-10-10 17:49:20 ----A---- C:\Windows\system32\mswsock.dll

2013-10-10 17:49:20 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-10-10 17:49:20 ----A---- C:\Windows\system32\drivers\afd.sys

2013-10-10 17:49:17 ----A---- C:\Windows\system32\win32k.sys

2013-10-10 17:49:10 ----A---- C:\Windows\system32\ntoskrnl.exe

2013-10-10 17:49:09 ----A---- C:\Windows\system32\advapi32.dll

2013-10-10 17:49:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

2013-10-10 17:49:07 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

2013-10-10 17:49:07 ----A---- C:\Windows\system32\tdh.dll

2013-10-10 17:49:06 ----A---- C:\Windows\SYSWOW64\tdh.dll

2013-10-10 17:49:05 ----A---- C:\Windows\SYSWOW64\ntdll.dll

2013-10-10 17:49:05 ----A---- C:\Windows\SYSWOW64\advapi32.dll

2013-10-10 17:49:05 ----A---- C:\Windows\system32\ntdll.dll

2013-10-10 17:49:04 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll

2013-10-10 17:49:04 ----A---- C:\Windows\system32\wow64.dll

2013-10-10 17:49:03 ----A---- C:\Windows\SYSWOW64\wow32.dll

2013-10-10 17:49:03 ----A---- C:\Windows\SYSWOW64\user.exe

2013-10-10 17:49:03 ----A---- C:\Windows\SYSWOW64\setup16.exe

2013-10-10 17:49:03 ----A---- C:\Windows\SYSWOW64\instnm.exe

2013-10-10 17:48:54 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-10 17:48:54 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-10 17:48:27 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2013-10-10 17:48:07 ----A---- C:\Windows\system32\scavengeui.dll

======List of files/folders modified in the last 1 month======

2013-10-30 19:53:22 ----D---- C:\Windows\Prefetch

2013-10-30 19:53:18 ----RD---- C:\Program Files

2013-10-30 19:19:32 ----D---- C:\Windows\system32\config

2013-10-30 18:27:08 ----SHD---- C:\System Volume Information

2013-10-30 18:26:49 ----D---- C:\Windows

2013-10-30 15:23:02 ----D---- C:\Windows\system32\DriverStore

2013-10-30 15:22:56 ----D---- C:\Windows\winsxs

2013-10-30 15:20:27 ----D---- C:\Windows\inf

2013-10-30 15:15:09 ----D---- C:\Windows\system32\drivers

2013-10-30 15:03:44 ----D---- C:\Windows\system32\catroot2

2013-10-30 15:03:44 ----D---- C:\Windows\system32\catroot

2013-10-30 13:47:14 ----SHD---- C:\Windows\Installer

2013-10-30 13:46:52 ----D---- C:\Program Files (x86)\Avira

2013-10-30 13:46:46 ----D---- C:\ProgramData\Avira

2013-10-30 13:46:29 ----D---- C:\ProgramData

2013-10-30 13:36:17 ----D---- C:\Windows\SysWOW64

2013-10-30 13:36:02 ----D---- C:\Program Files (x86)\Microsoft Office

2013-10-30 13:31:52 ----D---- C:\Windows\System32

2013-10-30 13:31:52 ----D---- C:\Windows\debug

2013-10-30 12:01:15 ----D---- C:\Users\Van Gent\AppData\Roaming\Apple Computer

2013-10-30 11:57:15 ----D---- C:\Program Files\Common Files\Apple

2013-10-30 11:40:51 ----DC---- C:\Windows\system32\DRVSTORE

2013-10-30 11:40:47 ----D---- C:\Program Files (x86)\iTunes

2013-10-30 11:39:28 ----RD---- C:\Program Files (x86)

2013-10-30 11:37:09 ----D---- C:\ProgramData\Apple

2013-10-30 11:34:40 ----D---- C:\Program Files\Internet Explorer

2013-10-29 21:27:54 ----RD---- C:\Beveiliging

2013-10-29 13:09:34 ----D---- C:\Windows\system32\Tasks

2013-10-29 13:09:33 ----D---- C:\Windows\Tasks

2013-10-29 13:07:27 ----A---- C:\Windows\system.ini

2013-10-29 13:07:21 ----D---- C:\Windows\system32\drivers\etc

2013-10-29 13:06:36 ----D---- C:\Program Files (x86)\Common Files

2013-10-29 13:03:26 ----AD---- C:\ProgramData\Temp

2013-10-29 13:03:02 ----D---- C:\Windows\SYSWOW64\drivers

2013-10-29 13:03:02 ----D---- C:\Windows\AppPatch

2013-10-29 10:38:42 ----D---- C:\Users\Van Gent\AppData\Roaming\XMind

2013-10-29 10:21:03 ----D---- C:\ProgramData\Lavasoft

2013-10-29 08:46:18 ----D---- C:\Users\Van Gent\AppData\Roaming\FrostWire

2013-10-29 08:46:18 ----D---- C:\Users\Van Gent\AppData\Roaming\Azureus

2013-10-29 08:46:13 ----D---- C:\Windows\Panther

2013-10-29 08:46:12 ----D---- C:\Windows\Logs

2013-10-29 08:28:41 ----D---- C:\Program Files (x86)\CCleaner

2013-10-29 08:04:34 ----D---- C:\ProgramData\McAfee

2013-10-28 22:41:36 ----D---- C:\Program Files (x86)\Acer GameZone

2013-10-28 22:25:26 ----D---- C:\Windows\rescache

2013-10-28 20:47:41 ----D---- C:\ProgramData\SiteAdvisor

2013-10-28 20:41:46 ----D---- C:\Program Files (x86)\Java

2013-10-28 20:15:16 ----D---- C:\ProgramData\Norton

2013-10-28 19:47:25 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-10-28 19:03:19 ----D---- C:\Users\Van Gent\AppData\Roaming\Dropbox

2013-10-19 10:56:48 ----D---- C:\Users\Van Gent\AppData\Roaming\Smilebox

2013-10-12 12:19:46 ----D---- C:\Windows\Microsoft.NET

2013-10-12 12:19:09 ----RSD---- C:\Windows\assembly

2013-10-11 20:31:28 ----D---- C:\Program Files (x86)\Internet Explorer

2013-10-11 16:47:43 ----D---- C:\ProgramData\Microsoft Help

2013-10-11 16:22:12 ----D---- C:\Windows\system32\nl-NL

2013-10-11 16:03:20 ----D---- C:\Program Files\Microsoft Silverlight

2013-10-11 16:03:16 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2013-10-09 17:11:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]

R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]

R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-01-05 74880]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-07-16 1488384]

R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-07-27 58880]

R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 18432]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]

R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 16896]

S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-07 2769400]

S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]

S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-08-10 222208]

S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-09-28 5504]

S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-03-26 37888]

S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2009-08-28 49152]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-01-05 185089]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]

R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2013-10-02 71224]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-08-06 844320]

R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]

R2 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-08-06 311592]

R2 NMSAccessU;NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-05 583640]

R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-06-04 75064]

R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-06-04 189248]

R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]

R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-10-23 641352]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-06 133104]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]

S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-06 133104]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-15 194032]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-26 1255736]

-----------------EOF-----------------


Download Zoek.zip to the desktop.

  1. If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  2. Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).

  • Right-click Zoek.zip and choose the option "Extract all".
  • Then double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script was written specifically for this PC, so do not use it on other PCs with a similar problem.
    
    
    emptyclsid;
    emptyfolderscheck;Delete
    torpigcheck;
    firefoxlook; 
    Chromelook; 
    CHRdefaults;
    autoclean; 
    iedefaults; 
    filesrcm; 
    torpigcheck;
    
    
    


  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Post the opened log as an attachment in your next message.


Juisterr,

this should be it.

thx

djdavan,

Zoek.exe Version 4.0.0.5 Updated 26-October-2013

Tool run by Van Gent on do 31/10/2013 at 20:52:02,48.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Van Gent\Desktop\zoek\zoek.exe [script inserted]

==== System Restore Info ======================

31/10/2013 20:55:58 Zoek.exe System Restore Point Created Succesfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully

C:\PROGRA~2\Zylom Games deleted successfully

C:\PROGRA~2\COMMON~1\PX Storage Engine deleted successfully

C:\ProgramData\firebird deleted successfully

C:\ProgramData\SiteAdvisor deleted successfully

C:\Users\Van Gent\AppData\Roaming\Windows Live Writer deleted successfully

C:\Users\Van Gent\AppData\Roaming\XMind deleted successfully

C:\Users\Van Gent\AppData\Local\Updater21806 deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3421574438-2419969571-4120656343-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_USERS\S-1-5-21-3421574438-2419969571-4120656343-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3421574438-2419969571-4120656343-1000\Software\Mozilla\Firefox\Extensions\{2bcffe85-4109-4090-8fc8-5d957856bb1c} deleted successfully

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4bcdbfd0-fa26-11de-8a39-0800200c9a66} deleted successfully

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted

C:\search.sqlite deleted

C:\Users\Van Gent\AppData\Roaming\settings.ini deleted

C:\ProgramData\Package Cache deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted

C:\Windows\wininit.ini deleted

C:\windows\SysNative\tasks\Updater21806.exe deleted

C:\prefs.js deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\VANGEN~1\AppData\Local\Temp ====


2013-10-30 09:36:03 040E0EAEE4ED4E4D566C2AF29101FBE2 12872 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\en-us\ccmainrc.dll

2013-10-30 09:36:03 021301AD91C35F9BBDA6B626529192C5 28744 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\en-us\factrc.dll

2013-10-30 09:36:02 ECC5EAD6407AD77639F30E33A8C44549 748104 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccwkrlib.dll

2013-10-30 09:36:02 E5342660078DA6C8597DCDB8696D7F03 16456 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\en-us\avconfigrc.dll

2013-10-30 09:36:02 CD1726D9B4EA364DB931817CC6D1C964 14920 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\en-us\avevtrc.dll

2013-10-30 09:36:02 C6F4329CFE40C93B15226D63E33D6FC9 137800 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\cfgprofile.dll

2013-10-30 09:36:02 BADF9A550F5A635A8D1EE794FC0C7E64 12360 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\en-us\avesvcr.dll

2013-10-30 09:36:02 A7C207734812814DDE783956C2507928 120904 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccwebtabs.dll

2013-10-30 09:36:02 A404C19DA5126EB1BB6E79408A6A647E 220744 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccupdate.dll

2013-10-30 09:36:02 9EB4CB5332E6D2EBFE1F97520B274CCA 55368 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\cfglib.dll

2013-10-30 09:36:02 7A0F56D23B1A858E19ADDB7610B81CAA 212552 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccupdw.dll

2013-10-30 09:36:02 6CDEB0890093B5EA1522B4A04195A1BA 401992 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\checkt.exe

2013-10-30 09:36:02 690B383845CF4268914870CE00EE1159 419400 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccwgrd.dll

2013-10-30 09:36:02 566C70E82A1D97F9BA427B4D48B5AAC9 127560 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccwgrdw.dll

2013-10-30 09:36:01 EF15ED2C6F0F640A7D00F5553F06F873 152136 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccrepow.dll

2013-10-30 09:36:01 EA71A450E9D76654185161039E9177FC 83016 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\cclic.dll

2013-10-30 09:36:01 E2AEA8A04AD00770D1D34B040F386F6E 87112 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccschedw.dll

2013-10-30 09:36:01 D5B1DFA5C1ED6352E49662C2121267A8 474696 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccuac.exe

2013-10-30 09:36:01 CD16BF66A9A572AAC577536B4125E350 221256 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccquaw.dll

2013-10-30 09:36:01 BB7A49B4C2C85D8FA01AFC3135E4B29F 229448 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccgrdw.dll

2013-10-30 09:36:01 B1DDF7489F199230DB4A0D33A86522A0 202312 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\cchips.dll

2013-10-30 09:36:01 A8026C64299F26D61B6C8701910BB3B7 349768 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccguard.dll

2013-10-30 09:36:01 A56312B5ECCAEFF7CD6706707A5F3021 255560 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccsched.dll

2013-10-30 09:36:01 90C3F29F90EE70D68ECC07DEC65D4CFE 91208 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccscanw.dll

2013-10-30 09:36:01 8C30B4AF278B6A0BC21174F4C83084AE 237640 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccmsg.dll

2013-10-30 09:36:01 8719BA0D144E68AE24452D73C3B0EE05 321096 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccquamgr.dll

2013-10-30 09:36:01 6F7BE1069F69CAFF92AD626923BC8603 211528 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccfwmgt.dll

2013-10-30 09:36:01 4F0E03579ECC0607B38B9D3EFE38FEF8 361544 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccprofil.dll

2013-10-30 09:36:01 4E14458DCB1AC1D246DB9DE3B4CD60AA 80456 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\cclicw.dll

2013-10-30 09:36:01 49B54F9089D92E84D3132F67B5043EFF 140872 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccgenw.dll

2013-10-30 09:36:01 439504C413D920C9DB1607B74D8D69DA 808520 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccgen.dll

2013-10-30 09:36:01 3010231F4DFCB94431E4D9B904773313 241736 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccreport.dll

2013-10-30 09:36:00 E93675D9F0A2086DC2247C44E9CD31C0 274504 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccev.dll

2013-10-30 09:36:00 D781EE7A91448C5404CA24C520D2BC8E 334408 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccavscanex.dll

2013-10-30 09:36:00 B959A84621166507C4B293804B9E0D94 147528 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\ccevw.dll

2013-10-30 09:36:00 84953AED2E16745B9F175A661BBFDAEC 1742408 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avwebloadergui.dll

2013-10-30 09:36:00 629742AAACE1B0A5B977FF9DAE612C45 23624 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avwinll.dll

2013-10-30 09:36:00 4837E0D034E6B56FDE042B4BF1CBF593 53320 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avwebloader.dll

2013-10-30 09:36:00 44047CAF7B0525E9286BE05DCC597C7A 564808 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avwebloader.exe

2013-10-30 09:36:00 3DACC330ADE9D15290EFA6A86CC8A9A7 225352 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avwmi.dll

2013-10-30 09:36:00 3394E97D70FC9778539EACF7EFF21A87 849456 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avwsc.exe

2013-10-30 09:35:59 ED54F07E57BB1CF7BBB5C02E5C1A4385 681032 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avgnt.exe

2013-10-30 09:35:59 E99CF6A40E06E2E414A8B3B049069EF6 48712 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avpref.dll

2013-10-30 09:35:59 E6CAF63BAB129E7BA77462C0D0B64EB8 30280 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avinet.dll

2013-10-30 09:35:59 D1EE08EF3B546E2D009516A866FF6B9A 59976 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avipc.dll

2013-10-30 09:35:59 BA4772044917FDF80ADEAB2E9C3F863B 1164360 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avwebgrd.exe

2013-10-30 09:35:59 B092E17043C61A49BFE1BFB2A8D60247 250440 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avreg.dll

2013-10-30 09:35:59 AFFE7C21A4FCA1963371F10066911D3A 440392 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avguard.exe

2013-10-30 09:35:59 90EBDA42CC8A22E9C48BCEB6ADDD8D92 257608 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avsda.dll

2013-10-30 09:35:59 668F12A4311C81E974075A91A2D3D845 447560 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avconfig.dll

2013-10-30 09:35:59 6585A53F52951C108063039971D911CE 752200 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avnotify.exe

2013-10-30 09:35:59 59A16E5DEA0EDBEF76EA40C4E6FE597D 1164360 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avwebg7.exe

2013-10-30 09:35:59 52FB7796AF7E31FEF7F36FCEFF1EF038 766024 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avconfig.exe

2013-10-30 09:35:59 4D956F3FB62FEE8A3C1FE8C750152266 134216 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avesvc.dll

2013-10-30 09:35:59 487951B7441F37FECABD5E10DC87CFC7 78408 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avgio.dll

2013-10-30 09:35:59 41FB6D6C3E393C7AC56C41E98D0FD54F 175688 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avrep.dll

2013-10-30 09:35:59 41F344F95727D1D93CF560DB7F364EB9 511560 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avrestart.exe

2013-10-30 09:35:59 241BD6DADE1FEEACCC44E645AFBEC2A3 231496 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avsda64.dll

2013-10-30 09:35:59 23814F46CA99E2DDC63F0D6B10313145 52808 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avmres.dll

2013-10-30 09:35:59 221DFBF3AB515C2E1D336FA2A668AA13 92232 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avscplr.dll

2013-10-30 09:35:59 16D5C1349AB024FFAD48D8EB62AFED13 968776 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avscan.exe

2013-10-30 09:35:59 0B69C677A330DF6D58A613A2C9F41802 60488 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avsmtp.dll

2013-10-30 09:35:59 095E3A6FAAB9D5A910A37D2B95D063C0 411720 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avupgsvc.exe

2013-10-30 09:35:59 08CC0B0DEC36603E8FC4E010B0621894 512584 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avlode.dll

2013-10-30 09:35:58 F4C12CFB46E8F09727BE44D3A786DA8C 257096 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avarkt.dll

2013-10-30 09:35:58 C49089E9DD7A68D3317500FFA4D2BA4C 661064 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avcenter.exe

2013-10-30 09:35:58 BC81707E7BEB7B01678A3373189E8011 1245560 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\aesbx.dll

2013-10-30 09:35:58 B30F23026AA2F12A690153FFB6983993 102774 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\aevdf.dll

2013-10-30 09:35:58 9D4DB1309BB1D86FDC7CFAFB315E3E5A 688504 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\aerdl.dll

2013-10-30 09:35:58 61869D97AEEB1C89773BCAFBF5CB9F6B 11336 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avacl.dll

2013-10-30 09:35:58 455847CDA8F30A8BB6DDF3E654D22F2E 512382 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\aescript.dll

2013-10-30 09:35:58 375F7A2A47BF77493920A55C2E341C10 154112 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\apcfile.dll

2013-10-30 09:35:58 355B833E125BED8648EE29D91A7BBFC2 437832 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avadmin.exe

2013-10-30 09:35:58 25419E7D1DED175B21113D819B3970DC 131446 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\aescn.dll

2013-10-30 09:35:58 1F33027B7000EB6058302066F95EFEA1 538696 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\avbb.dll

2013-10-30 09:35:57 F3D0B23E8C0BBDC1771BF0F0DBE9913B 205181 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\aeoffice.dll

2013-10-30 09:35:57 CD7B65E600B8EBC91B292C1AC9EC1215 393587 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\aeemu.dll

2013-10-30 09:35:57 CAEBF7161704BB34DC70E53AFFED5FDB 6201722 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\aeheur.dll

2013-10-30 09:35:57 B321B1B8BF16F6B3341121D477EFA02A 321856 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\64bitproxy.exe

2013-10-30 09:35:57 999463B4206D8D35B54ED375C0AFD531 201081 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\aecore.dll

2013-10-30 09:35:57 966E18783BA760B801A41091837D7F9A 446839 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\aegen.dll

2013-10-30 09:35:57 868840F1FA1E711B747F8917D43389BD 749945 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\aepack.dll

2013-10-30 09:35:57 46292E26B11860447AF29CEA638FB129 328055 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\aeexp.dll

2013-10-30 09:35:57 434049E557861645FA160F3035025F51 53619 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\aebb.dll

2013-10-30 09:35:57 056AD4A41E7A19A75B35E0D4E35D9EAF 266617 ----a-w- C:\Users\Van Gent\AppData\Local\Temp\RarSFX0\aehelp.dll

====== Java Cache =====

2013-10-26 08:43:42 65716D36B3E2E730507243861D253C4E 18981 ----a-w- C:\Users\Van Gent\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\7c2c99a5-411b500b

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

====== C:\Windows\Tasks ======

2013-10-10 16:24:29 8555494F30B113D65976490E8FCE8821 3608 ----a-w- C:\Windows\Sysnative\Tasks\Ad-Aware Update (Weekly)

2013-10-10 16:24:25 5896EB4F6698B44C68BE0B17CD6CA62F 3416 ----a-w- C:\Windows\Sysnative\Tasks\Ad-Aware Update (Daily 4)

2013-10-10 16:24:21 DACE7D82F2BD65265A94AE1767652440 3416 ----a-w- C:\Windows\Sysnative\Tasks\Ad-Aware Update (Daily 3)

2013-10-10 16:24:18 6B83556874EC3EEFC8537FD1449F325D 3416 ----a-w- C:\Windows\Sysnative\Tasks\Ad-Aware Update (Daily 2)

2013-10-06 08:59:45 CB8A367C98B693C14783784A18023BC0 3416 ----a-w- C:\Windows\Sysnative\Tasks\Ad-Aware Update (Daily 1)

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-10-30 18:53:18 -------- d-----w- C:\Program Files\trend micro

2013-10-30 10:39:50 -------- d-----w- C:\Program Files\iPod

2013-10-30 10:39:49 -------- d-----w- C:\Program Files\iTunes

2013-10-30 10:38:03 -------- d-----w- C:\Program Files\Bonjour

======= C:\PROGRA~2 =====

2013-10-30 10:38:03 -------- d-----w- C:\PROGRA~2\Bonjour

2013-10-30 10:34:15 -------- d-----w- C:\PROGRA~2\QuickTime

2013-10-28 19:00:50 -------- d-----w- C:\PROGRA~2\VS Revo Group

======= C: =====

2013-10-30 09:25:55 17A0CE2201252D142DF68FD62D82B33B 1872 ----a-w- C:\DelFix.txt

2013-10-29 08:07:50 64D58DA37C4E6A6E34DC6D576E7A0ECF 118 ---ha-w- C:\aaw7boot.cmd

====== C:\Users\Van Gent\AppData\Roaming ======

2013-10-30 10:37:09 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Apple Computer

2013-10-30 10:00:03 -------- d-----w- C:\Users\Van Gent\AppData\Local\Windows Live Writer

2013-10-29 12:11:46 -------- d-----w- C:\Users\Public\AppData\Local\temp

2013-10-29 12:11:46 -------- d-----w- C:\Users\Default\AppData\Local\temp

2013-10-29 12:11:46 -------- d-----w- C:\Users\Default User\AppData\Local\temp

2013-10-29 10:25:45 -------- d-----w- C:\Users\Van Gent\AppData\Local\Programs

2013-10-28 19:00:51 -------- d-----w- C:\Users\Van Gent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller

====== C:\Users\Van Gent ======

2013-10-30 18:51:31 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Van Gent\Desktop\RSITx64.exe

2013-10-30 18:51:02 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Van Gent\Downloads\RSITx64.exe

2013-10-30 10:57:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

2013-10-30 10:40:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2013-10-30 10:39:49 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-30 10:34:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

2013-10-30 09:35:46 86CA00485F6D341F88D6DBCB1A2B70F0 123650800 ----a-w- C:\Users\Van Gent\Downloads\avira_free_antivirus_en (1).exe

2013-10-30 09:34:39 86CA00485F6D341F88D6DBCB1A2B70F0 123650800 ----a-w- C:\Users\Van Gent\Downloads\avira_free_antivirus_en.exe

2013-10-29 12:11:46 -------- d-----w- C:\Users\Public\AppData

2013-10-29 10:46:57 -------- d-----r- C:\Users\Van Gent\Data die op je bureaublad stonden

2013-10-29 10:43:42 -------- d-----r- C:\Users\Van Gent\Alle snelkoppelingen die op je bureaubladstonden

====== C: exe-files ==

=== C: other files ==

==== Folders in C:\ProgramData 0-6 Months Old ======================

2013-08-07 14:47:59 -------- d-----w- C:\ProgramData\hps

2013-08-07 14:47:59 -------- d-----w- C:\ProgramData\tmp

2013-10-29 10:26:04 -------- d-----w- C:\ProgramData\Malwarebytes

2013-10-30 10:39:49 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx[]

mkfipnnefaefkjnklmlbckelgegkbdmn - C:\Program Files (x86)\uLyrics\133.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[20/03/2013 15:40]

Google Drive - Van Gent - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Van Gent - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Van Gent - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Chrome In-App Payments service - Van Gent - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Van Gent - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Reset Google Chrome ======================

C:\Users\Van Gent\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Van Gent\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mkfipnnefaefkjnklmlbckelgegkbdmn deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Van Gent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Van Gent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Van Gent\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\VANGEN~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 31/10/2013 at 21:28:51,11 ======================
