geluid stopt met werken

Moderator: Rhiannon

Gebruikersavatar
Berichten: 7.390

geluid stopt met werken

Hey,

Ik heb mijn laptop intussen een dikke drie jaar, en aan de posts hier, zullen jullie wel al gemerkt hebben dat er af en toe eens iets met misloopt ;)

Wat ik tegenwoordig erg vaak heb (bijna dagelijks), is dat mijn geluid het ineens begeeft. Ik ben dus muziek aan het luisteren, en van het ene op het andere ogenblik is er geen geluid meer (als ik oortjes inheb, hoor je soms een metaalachtig trillen aan redelijk hoge frequentie, dit stopt na de oortjes te unpluggen en opnieuw in te pluggen, maar het geluid komt niet weer).

Enige oplossing is heropstarten.

Verdere info/opmerkingen:

* het is een legale Windows 7 64 bit (via universiteit)

* HP dv7 Pavilion 2200eb

* de 'troubleshooter vindt (uiteraard) geen problemen

Iemand een ideetje waar dit aan kan liggen?

Alvast bedankt!
"C++ : Where friends have access to your private members." Gavin Russell Baker.

Gebruikersavatar
Berichten: 1.146

Re: geluid stopt met werken

Hoi,

Dit ruikt een beetje naar hardwareproblematiek vrees ik :? . Je zou eens kunnen controleren als je de laatste audio driver hebt geïnstalleerd via de website van HP.
A word of encouragement during a failure is worth more than an hour of praise after success.

I hear, I know. I see, I remember. I do, I understand -Confucius-

Gebruikersavatar
Berichten: 7.390

Re: geluid stopt met werken

Ja, ik vrees ook zoiets. Vreemd dat het dan opgelost is met herstarten. Toch bedankt ;)
"C++ : Where friends have access to your private members." Gavin Russell Baker.

Gebruikersavatar
Moderator
Berichten: 8.166

Re: geluid stopt met werken

Als het geluid verdwenen is, is dan het luidsprekertje 'gedempt' ? (rechtsonder, speakertje met verbodsbordje erbij).

Het probleem treedt onder Windows 7 vaak op, en is meestal niet hardware gerelateerd. Een paar van de vele mogelijke oorzaken:
  • Sounddrivers met een defectje (zoek even op HP of je de nieuwste hebt)
  • Problemen met het powermanagement, en met name de slaapstand (kijk of er nog meer nieuwe drivers van HP, bijvoorbeeld voor de chipset, aanwezig zijn)
  • Codec's met een foutje, mogelijk later geïnstalleerd (met pakketten als Vlc, K-lite en andere codec pack's, maar ook QuickTime en iTunes)
Aangezien het probleem pas later op is gaan treden, zouden later geïnstalleerde codec's en multimedia tools de eerst aangewezen kandidaat zijn om in te zoeken. Check het apparaat ook terdege op malware dat ook wel eens tot dit probleem wil leiden.

Google eens naar "windows 7 audio stops working reboot". Helaas is de lijst van mogelijke oorzaken enorm (ik kreeg 20 miljoen hits met Google).

Je zou in de Windows logboeken kunnen kijken naar de meest recente foutmelding direct nadat het geluid is gestopt, mogelijk vind je daar een aanwijzing.

Gebruikersavatar
Berichten: 1.146

Re: geluid stopt met werken

Michel haalt wel nog een aantal interessante punten aan waar het misschien wel de moeite loont om eens te kijken.

Wat het powermanagment betreft: verwijder ook eens de batterij en werk louter op netstroom.

Codecs lijken me eveneens de aangewezen kandidaat als het niet hardware gerelateerd is. Malware als specifieke oorzaak van geluidsproblemen heb ik nog niet meegemaakt, maar als je een malware controle wil roep je maar eens ;) .

Voor de logboeken kan je dit eens doen:

Ga naar start - uitvoeren, typ eventvwr.msc en klik op OK.

Klik op windows logboeken

Open het logboek voor toepassingen.

In de rechterkolom bij acties klik je op huidig logboek filteren.

Bij geregistreerd selecteer je de afgelopen 24 uur en bij niveau vink je kritiek en fout aan. Klik op OK.

Selecteer alle gebeurtenissen

Klik nu onderaan in de kolom acties op geselecteerde gebeurtenissen opslaan.

Bepaal de locatie en noem het bestand AppLog om op te slaan.

Bij opslaan als selecteer je tekst (door tabs gescheiden) (.txt)

Herhaal bovenstaande voor het Windows Logboek Systeem en noem het bestand Syslog.

Plaats de inhoud van beide bestanden in je volgende bericht of voeg deze toe als bijlage.
A word of encouragement during a failure is worth more than an hour of praise after success.

I hear, I know. I see, I remember. I do, I understand -Confucius-

Gebruikersavatar
Berichten: 7.390

Re: geluid stopt met werken

Ik heb de drivers voor chipset en geluid van de site van hp gehaald. Het lijkt opgelost. Dacht nochtans dat het in orde was, aangezien ik ze recentelijk had geïnstalleerd.

Bedankt voor de andere nuttige inbreng!
"C++ : Where friends have access to your private members." Gavin Russell Baker.

Gebruikersavatar
Moderator
Berichten: 8.166

Re: geluid stopt met werken

Check zekerheidshalve de computer met een malware tool als Malwarebytes, die drivers raken niet vanzelf defect. Downloaden, updaten en een volledige scan laten doen. Na gebruik kan je het weer deïnstalleren.

Gebruikersavatar
Berichten: 7.390

Re: geluid stopt met werken

Te vroeg gejuicht ook. Zelfde probleem. Ik ga een poging wagen.
"C++ : Where friends have access to your private members." Gavin Russell Baker.

Gebruikersavatar
Moderator
Berichten: 8.166

Re: geluid stopt met werken

Ok, ben benieuwd.

Vindt malwarebytes niets, dan wordt het tijd om in de logboeken te duiken naar aanwijzingen.

Ik weet niet welke AV software je gebruikt, het kan geen kwaad eens een grondige check te doen met een van de on-line scanners, bijvoorbeeld die van Eset Er zijn namelijk een aantal beestjes in de omloop die het speciaal op Codec's (zeg maar interfaces tussen het woud aan mediabestanden en Windows) hebben voorzien.

Daarnaast zijn er ook gebrekkig geschreven third party Codec's in de omloop die allerhande multimediale en Windows problemen kunnen veroorzaken.

Gebruikersavatar
Berichten: 7.390

Re: geluid stopt met werken

Ik ga er vanavond mee aan de slag, Malwarebytes vond in ieder wel al iets gisteren, al was het erg onduidelijk of het gerelateerd was aan deze issue.

Ik ga Comodo vanavond nog eens door de computer laten lopen ook. Ik hou jullie op de hoogte.
"C++ : Where friends have access to your private members." Gavin Russell Baker.

Gebruikersavatar
Berichten: 7.390

Re: geluid stopt met werken

Uit de logboeken:

Code: Selecteer alles

Log Name:	  System

Source:		Microsoft-Windows-WER-SystemErrorReporting

Date:		  16/04/2013 23:42:42

Event ID:	  1001

Task Category: None

Level:		 Error

Keywords:	  Classic

User:		  N/A

Computer:	  Glenn-PC

Description:

The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000005, 0xfffffa8006239b20). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041613-34335-01.

Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

  <System>

<Provider Name="Microsoft-Windows-WER-SystemErrorReporting" Guid="{ABCE23E7-DE45-4366-8631-84FA6C525952}" EventSourceName="BugCheck" />

<EventID Qualifiers="16384">1001</EventID>

<Version>0</Version>

<Level>2</Level>

<Task>0</Task>

<Opcode>0</Opcode>

<Keywords>0x80000000000000</Keywords>

<TimeCreated SystemTime="2013-04-16T21:42:42.000000000Z" />

<EventRecordID>46246</EventRecordID>

<Correlation />

<Execution ProcessID="0" ThreadID="0" />

<Channel>System</Channel>

<Computer>Glenn-PC</Computer>

<Security />

  </System>

  <EventData>

<Data Name="param1">0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000005, 0xfffffa8006239b20)</Data>

<Data Name="param2">C:\Windows\MEMORY.DMP</Data>

<Data Name="param3">041613-34335-01</Data>

  </EventData>

</Event>
en

Code: Selecteer alles

Log Name:	  System

Source:		Microsoft-Windows-WER-SystemErrorReporting

Date:		  16/04/2013 23:42:42

Event ID:	  1001

Task Category: None

Level:		 Error

Keywords:	  Classic

User:		  N/A

Computer:	  Glenn-PC

Description:

The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000005, 0xfffffa8006239b20). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041613-34335-01.

Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

  <System>

<Provider Name="Microsoft-Windows-WER-SystemErrorReporting" Guid="{ABCE23E7-DE45-4366-8631-84FA6C525952}" EventSourceName="BugCheck" />

<EventID Qualifiers="16384">1001</EventID>

<Version>0</Version>

<Level>2</Level>

<Task>0</Task>

<Opcode>0</Opcode>

<Keywords>0x80000000000000</Keywords>

<TimeCreated SystemTime="2013-04-16T21:42:42.000000000Z" />

<EventRecordID>46246</EventRecordID>

<Correlation />

<Execution ProcessID="0" ThreadID="0" />

<Channel>System</Channel>

<Computer>Glenn-PC</Computer>

<Security />

  </System>

  <EventData>

<Data Name="param1">0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000005, 0xfffffa8006239b20)</Data>

<Data Name="param2">C:\Windows\MEMORY.DMP</Data>

<Data Name="param3">041613-34335-01</Data>

  </EventData>

</Event>
en

Code: Selecteer alles

Log Name:	  Microsoft-Windows-International/Operational

Source:		Microsoft-Windows-International

Date:		  12/04/2013 22:44:18

Event ID:	  1001

Task Category: NLS locale functions

Level:		 Critical

Keywords:	  

User:		  SYSTEM

Computer:	  Glenn-PC

Description:

The NLS operation failed because the registry key HKCU\Control Panel\International cannot be opened. Error code is 19. Error message: The media is write protected.

Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

  <System>

<Provider Name="Microsoft-Windows-International" Guid="{3AA52B8B-6357-4C18-A92E-B53FB177853B}" />

<EventID>1001</EventID>

<Version>0</Version>

<Level>1</Level>

<Task>35</Task>

<Opcode>31</Opcode>

<Keywords>0x8000000000000000</Keywords>

<TimeCreated SystemTime="2013-04-12T20:44:18.057014600Z" />

<EventRecordID>1</EventRecordID>

<Correlation />

<Execution ProcessID="4060" ThreadID="11132" />

<Channel>Microsoft-Windows-International/Operational</Channel>

<Computer>Glenn-PC</Computer>

<Security UserID="S-1-5-18" />

  </System>

  <EventData>

<Data Name="RegistryKey">HKCU\Control Panel\International</Data>

<Data Name="ErrorCode">19</Data>

<Data Name="Message">The media is write protected.

</Data>

  </EventData>

</Event>
"C++ : Where friends have access to your private members." Gavin Russell Baker.

Gebruikersavatar
Berichten: 1.146

Re: geluid stopt met werken

Hoi,

Even een controle voor wat de malware betreft. Hieronder gelijk de eerste test ;)

Download RSIT van de onderstaande locaties en sla deze op het bureablad op.

Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.
Dubbelklik op RSIT.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.
A word of encouragement during a failure is worth more than an hour of praise after success.

I hear, I know. I see, I remember. I do, I understand -Confucius-

Gebruikersavatar
Berichten: 7.390

Re: geluid stopt met werken

Logfile of random's system information tool 1.09 (written by random/random)

Run by Glenn at 2013-04-17 10:01:30

Microsoft Windows 7 Professional N Service Pack 1

System drive C: has 151 GB (35%) free of 429 GB

Total RAM: 4063 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:01:39, on 17/04/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe

C:\Users\Glenn\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

C:\Windows\SysWOW64\prevhost.exe

C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

C:\Program Files\trend micro\Glenn.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O4 - HKCU\..\Run: [GmailNotifierPro] C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe /minimized

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = C:\Users\Glenn\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: lmadmin - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager (mitsijm2013) - - C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11210 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

winlogon.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Hpservice.exe

atieclxx

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\svchost.exe -k NetworkService

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe

"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"

"C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe"

"C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"C:\Program Files\IDT\WDM\sttray64.exe"

"C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe" /minimized

"C:\Users\Glenn\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup

"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"

taskeng.exe {D9C63632-9DEB-499A-8958-F0F0DA3495A6}

"C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k secsvcs

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3204.0.2033897581\1333270208" --supports-dual-gpus=false --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x1002 --gpu-device-id=0x9480 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.632.1.2000 --ignored=" --type=renderer " /prefetch:12

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/12/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="3204.2.965430364\964810965" /prefetch:3

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/12/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="3204.3.513214404\903344665" /prefetch:3

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/12/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="3204.4.2058247425\1788303201" /prefetch:3

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Glenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.2_0\np_dvs_plugin.dll" --lang=nl --channel="3204.5.1004685344\236586524" /prefetch:4

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3204.6.1459333697\512113579" --lang=nl --ignored=" --type=renderer " /prefetch:13

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files (x86)\Skype\Phone\Skype.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/12/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/SpdyCwnd/cwnd10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="3204.11.97843723\1011068403" /prefetch:3

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/12/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/SpdyCwnd/cwnd10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="3204.20.56503575\1060094464" /prefetch:3

"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" "C:\Users\Glenn\Downloads\veelhoeken.pdf"

"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" --channel=4428.1.1189397831 --type=renderer "C:\Users\Glenn\Downloads\veelhoeken.pdf"

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

C:\Windows\system32\prevhost.exe {914FEED8-267A-4BAA-B8AA-21E233792679} -Embedding

C:\Windows\SysWOW64\prevhost.exe {DC6EFB56-9CFA-464D-8880-44885D7DC193} -Embedding

"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" /b /id 4248_3223 /if pdfshell_prevde700ce3-b91e-45b5-9de8-dc767cc5bf1d

"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" --channel=4240.1.439610172 --type=renderer /b /id 4248_3223 /if pdfshell_prevde700ce3-b91e-45b5-9de8-dc767cc5bf1d

"taskhost.exe"

"C:\Program Files\Eclipse\eclipse\eclipse.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/12/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/SpdyCwnd/cwnd10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="3204.28.509017633\453002508" /prefetch:3

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/12/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/SpdyCwnd/cwnd10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="3204.34.1679553258\2146413487" /prefetch:3

SCIA -T Glenn-PC 11.10 -1 -c scia\SCIA_Software.lic -lmgrd_port 6978 -x lmremove --lmgrd_start 516e4db5 -l logs/SCIA.log

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/12/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/SpdyCwnd/cwnd10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="3204.43.1438739559\819795848" /prefetch:3

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/12/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/SpdyCwnd/cwnd10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_37/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="3204.44.325991940\1293458860" /prefetch:3

"C:\Windows\system32\mspaint.exe"

"C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe"

"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516

"C:\Users\Glenn\Downloads\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Glenn\AppData\Roaming\Mozilla\Firefox\Profiles\rqrgh6qb.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.6.602.180 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.6.602.180 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\

bing.xml

bolcom-nl.xml

google.xml

marktplaats-nl.xml

wikipedia-nl.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-16 553376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-16 211360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2013-01-30 342176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-23 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-23 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-01-30 281760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-07-24 1560872]

"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2009-08-12 456192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"GmailNotifierPro"=C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe [2012-11-11 2371496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]

C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-10-01 640376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]

C:\Users\Glenn\AppData\Local\Akamai\netsession_win.exe [2013-01-26 4480768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]

C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-07-25 418280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]

C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR11]

C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [2011-11-07 934152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKCU]

C:\Windows\system32\windows\winsvr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKLM]

C:\Windows\system32\windows\winsvr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPN]

C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe [2013-02-04 196784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

C:\Program Files (x86)\Steam\Steam.exe [2013-03-26 1631144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]

C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Voobly]

C:\Program Files (x86)\Voobly\voobly.exe [2013-04-14 139264]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

""= []

C:\Users\Glenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dropbox.lnk - C:\Users\Glenn\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=0

"ConsentPromptBehaviorUser"=3

"EnableLUA"=0

"EnableUIADesktopToggle"=0

"PromptOnSecureDesktop"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

.scr - open - C:\Windows\system32\notepad.exe "%1"

.scr - install -

.scr - config -

======List of files/folders created in the last 1 month======

2013-04-17 10:01:31 ----D---- C:\Program Files\trend micro

2013-04-17 10:01:30 ----D---- C:\rsit

2013-04-17 09:50:23 ----D---- C:\Program Files (x86)\Trend Micro

2013-04-17 08:17:06 ----D---- C:\Users\Glenn\AppData\Roaming\NetBeans

2013-04-16 23:15:59 ----D---- C:\Program Files\glassfish-3.1.2.2

2013-04-16 23:10:45 ----D---- C:\Program Files\NetBeans 7.3

2013-04-16 23:08:47 ----A---- C:\Windows\system32\javaws.exe

2013-04-16 23:08:38 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll

2013-04-16 23:08:38 ----A---- C:\Windows\system32\javaw.exe

2013-04-16 23:08:38 ----A---- C:\Windows\system32\java.exe

2013-04-16 23:03:46 ----D---- C:\Program Files\Sublime Text 2

2013-04-16 22:49:45 ----D---- C:\xampp

2013-04-16 22:27:38 ----D---- C:\Users\Glenn\AppData\Roaming\SWI-Prolog

2013-04-16 22:27:30 ----D---- C:\Program Files\swipl

2013-04-16 21:21:59 ----D---- C:\Program Files (x86)\Haskell Platform

2013-04-16 20:30:28 ----D---- C:\Users\Glenn\AppData\Roaming\Malwarebytes

2013-04-16 20:30:14 ----D---- C:\ProgramData\Malwarebytes

2013-04-16 20:30:13 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-04-16 20:30:13 ----A---- C:\Windows\system32\drivers\mbam.sys

2013-04-15 21:29:54 ----D---- C:\Program Files (x86)\Intel

2013-04-15 21:29:54 ----A---- C:\Windows\SYSWOW64\CSVer.dll

2013-04-15 21:29:41 ----D---- C:\Intel

2013-04-15 21:28:45 ----N---- C:\Windows\system32\stapi64.dll

2013-04-15 21:28:07 ----A---- C:\Windows\system32\AESTEC64.dll

2013-04-15 21:28:07 ----A---- C:\Windows\system32\AESTAR64.dll

2013-04-15 21:28:07 ----A---- C:\Windows\system32\AESTAC64.dll

2013-04-15 21:28:06 ----A---- C:\Windows\system32\stlang64.dll

2013-04-15 21:28:06 ----A---- C:\Windows\system32\idt64mp1.exe

2013-04-15 21:28:06 ----A---- C:\Windows\system32\AESTCo64.dll

2013-04-15 21:28:06 ----A---- C:\Windows\sttray64.exe

2013-04-15 21:28:05 ----D---- C:\Windows\system32\SRSLabs

2013-04-15 21:27:29 ----A---- C:\Windows\system32\staco64.dll

2013-04-15 21:27:27 ----A---- C:\Windows\system32\stcplx64.dll

2013-04-15 21:27:27 ----A---- C:\Windows\system32\stapo64.dll

2013-04-15 21:27:27 ----A---- C:\Windows\system32\drivers\stwrt64.sys

2013-04-15 21:27:23 ----D---- C:\Program Files\IDT

2013-04-15 21:24:06 ----D---- C:\Program Files (x86)\HP

2013-04-13 17:09:03 ----D---- C:\ProgramData\Steam

2013-04-13 17:05:32 ----D---- C:\Program Files (x86)\Age of Empires II HD

2013-04-12 10:09:01 ----D---- C:\Program Files (x86)\Mozilla Firefox

2013-04-10 22:57:21 ----D---- C:\Program Files (x86)\Elaborate Bytes

2013-04-08 17:04:18 ----D---- C:\ProgramData\CyberLink

2013-04-08 17:04:03 ----D---- C:\Users\Glenn\AppData\Roaming\CyberLink

2013-04-08 16:56:27 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2013-04-08 16:55:06 ----D---- C:\Program Files (x86)\Hewlett-Packard

2013-04-08 16:54:09 ----D---- C:\ProgramData\Temp

2013-04-08 16:49:30 ----A---- C:\Windows\system32\HPMSWebcam.dll

2013-04-08 16:49:26 ----D---- C:\System.sav

2013-04-08 16:47:46 ----D---- C:\Program Files\DIFX

2013-04-05 11:17:18 ----A---- C:\Windows\system32\dsNcSmartCardProv.dll

2013-04-05 11:17:18 ----A---- C:\Windows\system32\dsNcCredProv.dll

2013-04-05 11:17:06 ----D---- C:\Program Files (x86)\Juniper Networks

2013-04-05 11:15:58 ----D---- C:\Users\Glenn\AppData\Roaming\Juniper Networks

2013-04-05 00:35:33 ----D---- C:\Users\Glenn\AppData\Roaming\F-Secure SSH

2013-04-05 00:34:25 ----D---- C:\Program Files (x86)\F-Secure

2013-04-05 00:32:16 ----A---- C:\Windows\IsUninst.exe

2013-04-02 16:25:55 ----D---- C:\RecoveryCD

2013-04-01 18:12:31 ----D---- C:\Program Files (x86)\Voobly

2013-04-01 17:58:09 ----D---- C:\Program Files (x86)\dumps

2013-04-01 17:57:41 ----D---- C:\Program Files (x86)\Steam

2013-03-23 15:43:25 ----A---- C:\Windows\SYSWOW64\javaws.exe

2013-03-23 15:43:14 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

2013-03-23 15:43:14 ----A---- C:\Windows\SYSWOW64\javaw.exe

2013-03-23 15:43:14 ----A---- C:\Windows\SYSWOW64\java.exe

2013-03-19 16:33:28 ----N---- C:\Windows\Setup1.exe

2013-03-19 16:33:24 ----A---- C:\Windows\ST6UNST.EXE

======List of files/folders modified in the last 1 month======

2013-04-17 10:01:39 ----D---- C:\Windows\Temp

2013-04-17 10:01:31 ----RD---- C:\Program Files

2013-04-17 10:00:42 ----D---- C:\Users\Glenn\AppData\Roaming\Skype

2013-04-17 09:50:26 ----SHD---- C:\Windows\Installer

2013-04-17 09:50:23 ----RD---- C:\Program Files (x86)

2013-04-17 09:50:09 ----SHD---- C:\System Volume Information

2013-04-17 09:46:48 ----D---- C:\Users\Glenn\AppData\Roaming\Dropbox

2013-04-17 07:42:47 ----SD---- C:\ProgramData\Microsoft

2013-04-16 23:48:29 ----D---- C:\Windows\System32

2013-04-16 23:48:29 ----D---- C:\Windows\inf

2013-04-16 23:48:29 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-04-16 23:43:25 ----D---- C:\Program Files (x86)\Gmail Notifier Pro

2013-04-16 23:42:34 ----D---- C:\Windows\Minidump

2013-04-16 23:42:21 ----D---- C:\Windows

2013-04-16 23:39:41 ----D---- C:\Users\Glenn\AppData\Roaming\FileZilla

2013-04-16 23:08:26 ----A---- C:\Windows\system32\npDeployJava1.dll

2013-04-16 23:08:26 ----A---- C:\Windows\system32\deployJava1.dll

2013-04-16 23:08:22 ----D---- C:\Program Files\Java

2013-04-16 21:51:41 ----D---- C:\Windows\SysWOW64

2013-04-16 20:40:41 ----D---- C:\Windows\SYSWOW64\windows

2013-04-16 20:30:14 ----HD---- C:\ProgramData

2013-04-16 20:30:13 ----D---- C:\Windows\system32\drivers

2013-04-16 13:26:08 ----D---- C:\Program Files (x86)\BabasChess

2013-04-15 21:29:58 ----D---- C:\Windows\system32\catroot

2013-04-15 21:29:56 ----D---- C:\Windows\system32\DriverStore

2013-04-15 21:29:40 ----D---- C:\swsetup

2013-04-15 21:24:11 ----RSD---- C:\Windows\assembly

2013-04-15 20:06:48 ----D---- C:\Users\Glenn\AppData\Roaming\Azureus

2013-04-15 13:07:19 ----D---- C:\Windows\system32\NDF

2013-04-14 23:28:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2013-04-12 22:51:44 ----D---- C:\ProgramData\Adobe

2013-04-12 22:48:25 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2013-04-12 13:10:22 ----D---- C:\Users\Glenn\AppData\Roaming\vlc

2013-04-10 22:59:14 ----D---- C:\Windows\system32\Tasks

2013-04-10 22:54:39 ----D---- C:\Windows\Resources

2013-04-08 16:57:52 ----D---- C:\Windows\system32\config

2013-04-08 16:52:51 ----D---- C:\Windows\system32\catroot2

2013-04-05 11:16:00 ----D---- C:\Windows\Downloaded Program Files

2013-04-02 12:52:43 ----D---- C:\Windows\Prefetch

2013-04-01 17:57:45 ----D---- C:\Program Files (x86)\Common Files

2013-03-27 16:05:55 ----SD---- C:\Users\Glenn\AppData\Roaming\Microsoft

2013-03-23 15:43:09 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll

2013-03-23 15:43:09 ----A---- C:\Windows\SYSWOW64\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]

R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]

R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2013-02-20 237840]

R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2013-02-20 120080]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]

R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]

R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-21 80384]

R3 clwvd;HP Webcam Splitter; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-30 32880]

R3 dsNcAdpt;Juniper Network Connect Adapter; C:\Windows\system32\DRIVERS\dsNcAdpt.sys [2013-02-20 32768]

R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-28 70656]

R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]

R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]

R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2009-08-12 487936]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-07-24 250928]

R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-02-20 131856]

R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2013-02-20 146704]

R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]

S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2010-11-21 552448]

S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]

S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-10-22 128352]

S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []

S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]

S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe [2009-03-01 89600]

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]

R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]

R2 lmadmin;lmadmin; C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe [2011-08-05 6587728]

R2 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager; C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [2012-01-31 339776]

R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe [2009-08-12 240640]

R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-02-12 1044816]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-04 116648]

S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-12 256904]

S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]

S3 dsNcService;Juniper Network Connect Service; C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe [2013-02-20 692328]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-02-06 1432400]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-04 116648]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-11-19 489256]

S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
"C++ : Where friends have access to your private members." Gavin Russell Baker.

Gebruikersavatar
Berichten: 1.146

Re: geluid stopt met werken

Dat ziet er op het eerste zicht vrij goed uit. Echter is er 1 iets waar ik mijn bedenkingen bij heb: in het logje zie ik sporen terug van Privitize VPN, deze heeft een bedenkelijke reputatie en zou je dus beter kunnen verwijderen. Tenzij je een goede reden hebt om dat niet te doen? ;)

Onderstaande fix verwerkt het verwijderen van Privitize VPN! Indien je deze toch niet verwijderd wil voer je onderstaande NIET uit.
  1. Ga naar Start - Configuratiescherm - Programma's

    Verwijder (indien aanwezig) volgende programma's:
    • Privitize VPN
    • Zoomex
  2. Download zoek.exe naar het bureaublad.
    • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe

      (hier of hier) kan je lezen hoe je dat doet.
    • Dubbelklik op Zoek.exe om de tool te starten.
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Kopieer nu onderstaande code en plak die in het grote invulvenster:
    • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.

      Code: Selecteer alles

      
      startupall;
      
      filesrcm;
      
      [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKCU];r
      
      [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKLM];r
      
      C:\Windows\system32\windows\winsvr.exe;f
      
      [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPN];r
      
      autoclean;
      
      uninstall-list;
      
      
    • Klik daarna op de knop "Run script".
    • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
    • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
    • Post nu de inhoud van het geopende logje in het volgende bericht.
A word of encouragement during a failure is worth more than an hour of praise after success.

I hear, I know. I see, I remember. I do, I understand -Confucius-

Gebruikersavatar
Moderator
Berichten: 8.166

Re: geluid stopt met werken

De logboekmeldingen beschrijven 2 keer eenzelfde event: Herstart na problemen met USB (de parameters fe,08,06,05 wijzen hier op).

Heb je regelmatig een spontane reboot? Zo ja, mogelijk heb je een USB driver geïnstalleerd die tot deze problemen leidt, met een tooltje als UsbDview van Nir Sofer is snel te achterhalen welke usb devices er geïnstalleerd zijn en is het verwijderen erg eenvoudig. Was het echter een eenmalig probleem, dan zou ik er geen aandacht aan schenken.

Hiernaast wordt er melding gemaakt van een write protected registry key. Maar die melding is van een paar dagen terug. Mogelijk conflicteert hier iets met een firewall, wellicht die VPN die Mako meldde.

Reageer