Archief - Blauw scherm + automatisch afsluiten

zipke · 15 dec 2012

PART 2/2

-12-13 17:35:05 4A8CFB2638B946154FC74CD4BECBDCEC 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe
2012-12-13 17:35:05 3326166011C9BC13D6A8EFD856E9921C 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-12-13 17:35:05 2299E1067A7027E25281177830E0F5A7 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
2012-12-13 17:35:03 E00F3E011103F0D788EC727374BFB50A 2048 ----a-w- C:\Windows\SysWOW64\user.exe
2012-12-09 15:57:10 12EAF21691059826B00C56062BA1EAF0 140968 ----a-w- C:\Users\Rudolf\Downloads\etypesetup.exe
2012-12-09 09:56:34 22385EE33688B10B61DA1D8CA9549E4B 120192 ----a-w- C:\Users\pitopia\AppData\Local\temp\clear.fiClient\cabarc.exe
2012-12-08 21:38:14 22385EE33688B10B61DA1D8CA9549E4B 120192 ----a-w- C:\Users\Rudolf\AppData\Local\Temp\clear.fiClient\cabarc.exe
=== C: other files ==
2012-12-13 21:22:25 F9D038A8C2BDC3AE2548150A7AED0F8A 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll
2012-12-13 21:22:25 D869ACB7C3DA1B823765DB3CBE2E3DD4 96768 ----a-w- C:\Windows\System32\mshtmled.dll
2012-12-13 21:22:25 CCA6A20181B7719B584AEE1DD6542A4E 149552 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2012-12-13 21:22:25 6938377454A025812CA346B37962F522 182816 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2012-12-13 21:22:25 5E78D5CAF5917FA1FDC71A80CF0D5234 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2012-12-13 21:22:25 543BBE783E2CA0D58E1981BD75483BAD 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2012-12-13 21:22:25 4071D132E66ACDA3776F1FEAD19E6E01 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2012-12-13 21:22:25 1D4127FE151165C5FB9C0EED8701A3D1 194048 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2012-12-13 21:22:25 08D0F87AA3F6DF47658E9ACD4D082027 248320 ----a-w- C:\Windows\System32\ieui.dll
2012-12-13 21:22:24 E290E3FDF645DF29D00D6368B9127E30 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2012-12-13 21:22:24 C1D0691BE5DDB0C230D8370BD96BBE8B 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2012-12-13 21:22:24 9568BB33BBAD356EDD6CDE988E570523 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-12-13 21:22:24 62CBF36E3E10BAA74224BC7A6DD998B5 194560 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2012-12-13 21:22:24 56336BB69172A2CEE15B2491DB4C70C1 729088 ----a-w- C:\Windows\System32\msfeeds.dll
2012-12-13 21:22:24 478FDA5AB59331259538FB7B02026836 237056 ----a-w- C:\Windows\System32\url.dll
2012-12-13 21:22:24 4266A3230981DD4434C55957F6DD497D 1103872 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2012-12-13 21:22:24 31B0448CC0694378106582F46D0D07E4 231936 ----a-w- C:\Windows\SysWOW64\url.dll
2012-12-13 21:22:24 1DBA462CF92D890D8F8E6472E7E8B4B4 1346048 ----a-w- C:\Windows\System32\urlmon.dll
2012-12-13 21:22:23 BC9CE770AB55DC36349517B4E5E74A12 66048 ----a-w- C:\Windows\SysWOW64\migration\WininetPlugin.dll
2012-12-13 21:22:23 A3FA99A16F10D44EDB7A8C340FA2EE1B 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2012-12-13 21:22:23 A0F52880DDD164F968BE903C1FECD27E 2144768 ----a-w- C:\Windows\System32\iertutil.dll
2012-12-13 21:22:23 9000CC4505B4545F2B51CFD34277B2E2 86528 ----a-w- C:\Windows\System32\migration\WininetPlugin.dll
2012-12-13 21:22:23 8E38CE628D4817D949DD31D77A7F21CD 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2012-12-13 21:22:23 7FA3A810F383588D46220967DE8B64FF 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll
2012-12-13 21:22:23 780E80E5502015EDAEC91DC0A0C96A79 1793024 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2012-12-13 21:22:23 6E6602DE23AB3776007702FC9540E8E9 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-12-13 21:22:23 5121DB613E10A46A3C5085B479026AA7 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-12-13 21:22:23 31525BC38F219E3E17D8AF11DA0FAE3E 85504 ----a-w- C:\Windows\System32\jsproxy.dll
2012-12-13 21:22:23 0A866897039E42DF8080BE5DD83BC8E0 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll
2012-12-13 21:22:23 046AD878F246D3801B719700B543A6EE 816640 ----a-w- C:\Windows\System32\jscript.dll
2012-12-13 21:22:22 DC7D3ADCC1F2729514780F611D6590EC 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll
2012-12-13 21:22:22 63861BA77FFAF9132DEE6211D1B5C1E5 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2012-12-13 21:22:22 4C34FD8C56DB38DF6F969AFDDDF4AB83 387584 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
2012-12-13 21:22:22 07F649CD36F266BBE33B814FA678AA43 12320256 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2012-12-13 21:22:22 04CD7AFC3D66345DE15130D44E1ABC36 887296 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2012-12-13 21:22:21 CFF3C4ABDCC5356B0674743BDF0FB674 17811968 ----a-w- C:\Windows\System32\mshtml.dll
2012-12-13 21:22:20 C71E7ABB1A34E56CE73AE117C8DD566F 10925568 ----a-w- C:\Windows\System32\ieframe.dll
2012-12-13 21:22:20 5466DCAEF5A648E04D1B6580F2C901B5 9738240 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2012-12-13 18:48:36 BDD6090747EBE05132A63C2DF51209BF 105472 ----a-w- C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll
2012-12-13 17:35:13 B39B8CC163C41B12FE83E777199F3378 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll
2012-12-13 17:35:13 3D2D108E14AD21889A2621B94C80A3DD 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-12-13 17:35:11 C58923115CDE6071C3BF2FF063546E9F 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-12-13 17:35:09 E543D373382C3B76D3BC27585DEF3907 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-13 17:35:09 A927E51E6C39DDE8BB4A488A22DDAAAB 295424 ----a-w- C:\Windows\SysWOW64\atmfd.dll
2012-12-13 17:35:09 8C5201D789F96FE4DAAAA4B0A2D5F1E6 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll
2012-12-13 17:35:09 4FF0BC10514D0816586D0B129D4D376B 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-13 17:35:05 E337DE8814EABEDEA01919B94D323078 44032 ----a-w- C:\Windows\AppPatch\acwow64.dll
2012-12-13 17:35:05 DA15883524770E44CA94D38E9FD54E3D 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll
2012-12-13 17:35:05 D4F3176082566CEFA633B4945802D4C4 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll
2012-12-13 17:35:05 98168B9B0656A01A321FF1BECB2C03E1 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-12-13 17:35:05 746D54D4505D7DD64A7204E9356662D3 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll
2012-12-13 17:35:05 72CC564BBC70DE268784BCE91EB8A28F 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-12-13 17:35:05 6F2E324703E6D22B9934C33DA48F1F01 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-12-13 17:35:05 6F08CABF92AF8FAB3509DD9F313B83F9 4096 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-13 17:35:05 2970785A72054740E1A5DCEB32485486 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-12-13 17:35:05 23A6A58BE46A1D6538B33D0F5535EEBE 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-12-13 17:35:05 1DC3504CA4C57900F1557E9A3F01D272 1161216 ----a-w- C:\Windows\System32\kernel32.dll
2012-12-13 17:35:05 15B30F15BD13640B337A0FC37BD48CDE 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-12-13 17:35:05 0978C2B33BDD0A7E6C563AA337DC8BA0 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll
2012-12-13 17:35:03 ED6346350B051FA98F755518E1DBC9C4 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-13 17:35:03 EC0A0E7B3537BB2912221D4933216727 4096 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-12-13 17:35:03 EAAA1E6695B3D5F834E91F41EB1BD9B2 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-12-13 17:35:03 E06E5AA16B3F7C72CDE3593CE87411BB 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-13 17:35:03 DF38FFD9127965E857E6E8BF41E3AD66 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-13 17:35:03 DE4B59CD672B016B0827D7FBBBB13B74 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-13 17:35:03 D98882549D5D1246039BCF421202EB2E 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-12-13 17:35:03 D7573A8D927B68F962BD0B5DA6603EEF 3584 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-13 17:35:03 D433E08B64837534AFB786E454BAB61E 5120 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-12-13 17:35:03 CD2FCB8F13EABE7702A8AE7DE49E90E5 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-13 17:35:03 CBE6C675D3B10E48EF7B25A5FF07B46D 4096 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-12-13 17:35:03 CAF11064A276247FE9F30AB06C4F2F2C 3072 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-12-13 17:35:03 C1FA7D1A6548037873C90D4EEE34DF2B 3584 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-12-13 17:35:03 C1D840725CBC18F1232B832083EAE51D 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-13 17:35:03 BC24199038F4BE63A1825CF168408120 3072 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-12-13 17:35:03 BA959333F88D1FAF934CC1318AC3B69E 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-12-13 17:35:03 B4FCCE5BA0990AE78809379CB0C3873C 3584 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-13 17:35:03 B45124A0A5E60906AB72B48C25348835 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-12-13 17:35:03 B1A6900FE182F839DA1B58CDC9E0B3AE 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-12-13 17:35:03 A2C23B02DC32AA8D3801B84FB54137A6 3072 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-12-13 17:35:03 A05FA0E17EA9ADE6DC9B5C2BEC224030 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-12-13 17:35:03 97188F405255248AC8316001411D9CC5 3072 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-12-13 17:35:03 9335B95493FA6CBDF553E36820983A29 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-12-13 17:35:03 91EF240DDB541D9FD62EBDC719EAE93A 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-12-13 17:35:03 818C4DEC5316EA1147D059E4CAE75453 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-12-13 17:35:03 7B02A73700CC99A0B9E4D4C0AA2028BA 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-12-13 17:35:03 7978B487E3FBBC666A494EBECBFB26A9 3584 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-12-13 17:35:03 73AF314C216F08A1C97BC03ECAD3A423 3584 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-13 17:35:03 72D37545BC03B38537C3ACC7FA8FCA3A 3072 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-12-13 17:35:03 6B28D57A511929227FF1C8F412C1A3F9 3072 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-12-13 17:35:03 695612AA7E235938E1683CD00D61D157 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-13 17:35:03 63416D211D4B15FD841A21E508081F4C 4096 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-12-13 17:35:03 580BE75B6D90FF6D0C08E5AAD2213C55 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-12-13 17:35:03 545466F436F875D0FFC171C12CAC3244 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-13 17:35:03 50A078C76D94014B61238F1118B6E02C 3072 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-13 17:35:03 4A01572D2030D49CEB0A319DE0BFF53C 4096 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-13 17:35:03 42B7B6D5D9AE16C5793CE28029174D5E 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-13 17:35:03 3C3685C29EEF909266F124A184F849E6 3072 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-12-13 17:35:03 3B319CC2334AC0D15BE25A5994065F13 3584 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-13 17:35:03 2B9B097C293696DBC473CEF9F623C980 3584 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-12-13 17:35:03 2A1A2C962BB789EF8EE8CF8CB8F100C0 3072 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-13 17:35:03 28DC7159AC48CF4622D3D222590897C8 5120 ---ha-w- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-12-13 17:35:03 244483EF6648ABE51A12C7EB01EB0A60 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-12-13 17:35:03 20DC238620F694575DDEE8EC95265774 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-12-13 17:35:03 1A208F0CEB6DE90A7EE3D4469B3A88BA 4608 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-13 17:35:03 18B5290C01924D87DDD0480BC8FAB8D6 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-13 17:35:03 1818CCEE5CFC3FCC876F42643109F2C0 3072 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-12-13 17:35:03 1697959965BC58308D046048A69E6C1E 3072 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-12-13 17:35:03 139590E1C420A439F23F261979A59BC4 3072 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-12-13 17:35:03 0E3CEB4FCE14AF72FBAAAE754A7C136A 4608 ---ha-w- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-13 17:35:03 07D74D633327AFF7E2360F32F83D8200 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-12-13 17:35:03 03164C3DD1DCE155A2528DE6CC878975 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-13 17:35:03 028685592EF723982C5D6B98D6C4893D 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-12-13 17:34:57 374CE9DAB2F0CB173B8FCF3AB8DB5D1B 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-12-13 17:34:57 310F6F492A3B4B1020ED9BF9CCBBE6B6 376832 ----a-w- C:\Windows\SysWOW64\dpnet.dll

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-887661970-833271505-2661324671-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-887661970-833271505-2661324671-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray"
"OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"GoogleChromeAutoLaunch_E0CABDBA8E9B8D4F84D664A6768B0D0F"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-21-887661970-833271505-2661324671-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"ScrSav"="C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TouchPortalV3Launcher"="C:\Program Files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe na"
"Hotkey Utility"="C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray"
"OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"GoogleChromeAutoLaunch_E0CABDBA8E9B8D4F84D664A6768B0D0F"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Google Update"="\"C:\\Users\\Rudolf\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"HP Software Update"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"
"RegUse"="C:\\Program Files (x86)\\RegUse\\RegUse.exe"
"beid"="\"C:\\Program Files (x86)\\Belgium Identity Card\\beid35gui.exe\" /startup"

==== Startup Folders ======================

2011-11-16 11:13:57 834 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/12/2012 12:34]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/02/2012 18:31]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/02/2012 18:31]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKCU\*\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\pitopia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\pitopia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Rudolf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Rudolf\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rudolf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\Rudolf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WPF6EF7.tmp will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Rudolf\AppData\Local\Temp successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Rudolf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\Rudolf\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WPF6EF7.tmp" not found

Juisterr · 17 dec 2012

Dat ruimt lekker op, hoe gaat het nu ?

zipke · 21 dec 2012

Juisterr zei:
Dat ruimt lekker op, hoe gaat het nu ?

Hij crasht nog steeds, wel veeeeeeeel minder (vroeger hield hij het maximum 10 minuten uit).. Maar soms krijg ik het blauw scherm nog, wat niet de bedoeling kan zijn, en ook tot frustratie leidt als ge iets aant maken zijt dat niet opgeslagen werd

zipke · 22 dec 2012

zipke zei:
Hij crasht nog steeds, wel veeeeeeeel minder (vroeger hield hij het maximum 10 minuten uit).. Maar soms krijg ik het blauw scherm nog, wat niet de bedoeling kan zijn, en ook tot frustratie leidt als ge iets aant maken zijt dat niet opgeslagen werd

Edit van mijn post van gisteren: hij valt vandaag bijna om de 5(!!!!!!!) minuten uit. -- zit gewoon op internet te surfen.. :cry:

Juisterr · 22 dec 2012

Download Windows Repair (all in one) van deze site: Windows Repair (All In One)
Installeer het programma.
Start het programma.
Windows 7 en Vista gebruikers rechtsklik -> uitvoeren als Administrator.
Ga naar stap 3 en ga ermee akkoord dat SFC (System File Check) gestart wordt.

Daarna ga je naar Start Repairs en klik op start.
Selecteer de volgende items en klik op restart system when finished.

zipke · 22 dec 2012

Wist niet welke ik moest posten, maar vorige keer was het een combofix die je vroeg na een windows repair:

ComboFix 12-12-04.01 - Rudolf 22/12/2012 19:50:57.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.6048.3801 [GMT 1:00]
Gestart vanuit: c:\users\Rudolf\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-11-22 to 2012-12-22 ))))))))))))))))))))))))))))))
.
.
2012-12-15 20:48 . 2012-11-01 21:55 24064 ----a-w- c:\windows\zoek-delete.exe
2012-12-13 17:35 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-13 17:34 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-13 17:34 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-10 19:37 . 2012-12-10 19:37 -------- d-----w- c:\users\Rudolf\AppData\Local\Windows Live Writer
2012-12-10 19:37 . 2012-12-10 19:37 -------- d-----w- c:\users\Rudolf\AppData\Roaming\Windows Live Writer
2012-12-08 19:01 . 2012-12-22 18:26 -------- d-----w- c:\windows\SysWow64\wbem\Performance
2012-12-08 19:01 . 2012-12-08 19:01 809 ----a-w- C:\temp931.bat
2012-12-08 19:01 . 2012-12-22 18:32 181064 ----a-w- c:\windows\PSEXESVC.EXE
2012-12-08 19:01 . 2004-06-11 23:33 290304 ----a-w- C:\subinacl.exe
2012-12-08 18:59 . 2012-12-08 18:59 -------- d-----w- C:\RegBackup
2012-12-08 18:38 . 2012-12-22 18:32 -------- d-----w- C:\Tweaking.com_Windows_Repair_Logs
2012-12-08 18:33 . 2012-12-08 18:33 -------- d-----w- c:\program files (x86)\Tweaking.com
2012-11-26 18:05 . 2012-11-26 18:05 -------- d-----w- c:\users\pitopia
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-13 21:23 . 2012-01-21 17:08 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-12 11:34 . 2012-09-09 07:26 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 11:34 . 2011-08-26 08:24 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-30 22:50 . 2011-12-30 17:33 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-18 20:09 . 2012-10-18 20:10 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-18 20:09 . 2012-05-05 15:31 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-10-18 20:09 . 2012-05-05 15:31 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-16 08:38 . 2012-11-28 21:00 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 21:00 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 21:00 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 16:14 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 16:14 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 16:14 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 16:14 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-13 17:35 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 16:13 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 16:13 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 16:13 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 16:13 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 16:13 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 16:13 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 16:13 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 16:13 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 16:13 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 16:13 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 16:13 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-09-25 22:47 . 2012-11-14 16:13 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-09-25 22:46 . 2012-11-14 16:13 95744 ----a-w- c:\windows\system32\synceng.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Rudolf\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Rudolf\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Rudolf\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-03-26 1516600]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
"GoogleChromeAutoLaunch_E0CABDBA8E9B8D4F84D664A6768B0D0F"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2012-12-05 1242728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TouchPortalV3Launcher"="c:\program files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe" [2011-08-24 430696]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-08-05 626792]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-2-15 1136928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders credssp.dll, schannel.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"RegUse"=c:\program files (x86)\RegUse\RegUse.exe
"beid"="c:\program files (x86)\Belgium Identity Card\beid35gui.exe" /startup
.
R2 CLKMSVC10_34E30CCC;CyberLink Product - 2012/04/04 18:05;c:\program files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe [2011-05-06 245744]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2012-01-26 44672]
R3 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-04-19 1488448]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-31 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-07-14 27240]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-31 283200]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-08-26 22648]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-08-26 20520]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-08-26 62776]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2012-04-10 75104]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [2012-04-10 385376]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-27 1817088]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
S3 AVerIT13x;AVerMedia A373 MiniCard Dual DVB-T;c:\windows\system32\Drivers\AVerIT13x_x64.sys [2011-07-11 192768]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-02-15 349736]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-02-15 39464]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-05-11 31216]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-06-30 54784]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-06-30 77696]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 ITECIRfilter;ITECIR Filter Driver;c:\windows\system32\DRIVERS\ITECIRfilter.sys [2011-03-22 28264]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 rtsuvc;Realtek USB2.0 PC Camera;c:\windows\system32\DRIVERS\rtsuvc.sys [2011-07-05 8204904]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*Deregistered* - CLKMDRV10_34E30CCC
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhoud van de 'Gedeelde Taken' map
.
2012-12-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-09 11:34]
.
2012-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-08 17:31]
.
2012-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-08 17:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Rudolf\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Rudolf\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Rudolf\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Rudolf\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-09-19 12858984]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-09-19 2278504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Verzenden naar OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Rudolf\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: cbc.be\cbc-pdf
Trusted Zone: cbc.be\cbconline
Trusted Zone: cbc.be\static
Trusted Zone: cbc.be\www
Trusted Zone: cbc.eu\www
Trusted Zone: isabel.be\*.IBS6
Trusted Zone: isabel.be\gotoIBS6
Trusted Zone: isabel.be\pki
Trusted Zone: isabel.be\www
Trusted Zone: isabel.eu\upgrade
Trusted Zone: isabel.eu\www
Trusted Zone: kbc.be\kbc-pdf
Trusted Zone: kbc.be\kbconline
Trusted Zone: kbc.be\static
Trusted Zone: kbc.be\www
Trusted Zone: kbc.com\www
Trusted Zone: kbc.eu\www
Trusted Zone: kbcam.be\www
Trusted Zone: kbcam.com\www
Trusted Zone: kbcbankingforbusiness.com\www
Trusted Zone: kbcgroup.eu\multimediafiles
Trusted Zone: kbcgroup.eu\www
Trusted Zone: kbcmerchantbanking.com\www
TCP: DhcpNameServer = 195.130.130.1 195.130.131.1
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-12-22 19:56:05
ComboFix-quarantined-files.txt 2012-12-22 18:56
ComboFix2.txt 2012-12-08 19:40
ComboFix3.txt 2012-12-07 19:24
.
Pre-Run: 116.649.902.080 bytes beschikbaar
Post-Run: 116.341.792.768 bytes beschikbaar
.
- - End Of File - - F83DAA1CD44E96830F0D1FF27257DA22

Juisterr · 22 dec 2012

https://www.beyondgaming.be/archive/software.22/blauw-scherm-automatisch-afsluiten.895540

deze aub. Repair.

zipke · 22 dec 2012

Die windows repair heb ik gedraaid he, maar daarna krijg je geen logje of dergelijke?

Daarom dat ik een Combofix postte, aangezien je dat de eerste keer ook vroeg.
Of heb je deze keer een Hijackthis-logje nodig?

Juisterr · 23 dec 2012

DDS aub.

We gaan een analyse maken van je computer en gebruiken hiervoor de tool DDS.
Dit is een diagnosetool en maakt gebruik van scripts. Is het uitvoeren van scripts uitgeschakeld, dan schakel je dit weer in zodat er geen problemen optreden bij gebruik van DDS.

Downloadt DDS.com, DDS.scr of DDS.pif van één van deze locaties en plaats het op je bureaublad:
DDS - Techsupport download.
DDS - Bleeping download.
DDS - Forospyware Download.
Dubbelklik op DDS om de tool te starten. (afhankelijk van de download die je gekozen hebt kan dit het bestand DDS.com, DDS.scr of DDS.pif zijn)
Wanneer het klaar is openen er twee logfiles: DDS.txt en Attach.txt
Beide logfiles sla je op je bureaublad.

Archief - Blauw scherm + automatisch afsluiten

zipke

Legacy Member

Juisterr

Legacy Member

zipke

Legacy Member

zipke

Legacy Member

Juisterr

Legacy Member

zipke

Legacy Member

Juisterr

Legacy Member

zipke

Legacy Member

Juisterr

Legacy Member