Youprofitclub ad: who can help with my log?

28 replies
  • Hello, I first put my log in someone else's topic, without knowing that this is 'not done'. So I'm creating a new topic here: I have run all kinds of anti-adware programs and an antivirus scan, but I just can't get rid of it. I don't think I'll ever lend out my laptop again... The problem is that in Firefox and in IE I get randomly redirected to an ad page every so often, which is very annoying. It also freezes often. I'm using Opera now and that works fine. "Ad served by Youprofitclub". You can also uninstall it under Programs, but then you have to enter a password that is shown on your screen, and I don't know whether that is such a sensible idea. Hopefully someone can help me!! Thanks in advance... Here it comes:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 20:41:29, on 3/11/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16722)
    Boot mode: Normal
  • One of the mods here has already split your original post off into its own topic, including my reply to your log. So from now on, continue at http://forum.computertotaal.nl/phpBB2/viewtopic.php?p=1448946#1448946
  • Hello, that other topic is closed, and unfortunately my problem is still not solved. I don't know whether I should continue here now or...? In any case I ran the antivirus (avast), and the problem is still there. I'll post a new log; hopefully someone can help me! To be clear: I can try to uninstall that YouProfitClub via the Control Panel, but then I have to enter a verification code that is shown on the screen... the problem has been going on so long now that I'm considering doing that, or is that very stupid? Here is my new log, after the antivirus scan (3 infections found, by the way):
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 13:40:29, on 3/12/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16722)
    Boot mode: Normal
  • It's fine that you chose Avast! Then let's continue now:
    Which program: Malwarebytes MBAM
    What for/why: specialized scanner to quickly check Windows for spyware and malware and remove it.
    Difficulty: none.
    Download Malwarebytes MBAM from one of these locations:
      - Download.com: http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?
      - Softpedia.com: http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s
      - Majorgeeks.com: http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
    First of all:
      - Right after installation 'MBAM' will want to update its database, so allow this.
      - Also on repeated use: first update 'MBAM' via the 'Update' tab!
    Starting Malwarebytes MBAM:
      - Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
      - Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Run as administrator.
    Scanning:
      - When 'MBAM' starts, choose 'Quick Scan'.
      - Scanning can take a while, so be patient. When the scan is complete, click the 'OK' button.
      - Then click the 'Show Results' button to see the results.
    Infections found:
      - First click OK to dismiss the message.
      - Then click the Show Results button at the bottom right.
      - Now make sure all infections found are ticked, and click Remove Selected at the bottom left.
      - After removal a log will open and you will be asked to restart the computer.
      - If 'MBAM' has trouble removing certain files it will show a few messages; click 'OK' each time!
      - After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.
    MBAM log:
      - The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logs' tab in MBAM's main menu.
    Then post the contents of the MBAM log in your next message.
  • Thank you for the answer! It found nothing, and the Youprofitclub ads are still there.. grrr Here is my log:
    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org
    Database version: 6012
    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385
    3/12/2011 14:35:25
    mbam-log-2011-03-12 (14-35-25).txt
    Scan type: Quick scan
    Objects scanned: 171154
    Time elapsed: 48 second(s)
    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0
    Memory Processes Infected: (No malicious items detected)
    Memory Modules Infected: (No malicious items detected)
    Registry Keys Infected: (No malicious items detected)
    Registry Values Infected: (No malicious items detected)
    Registry Data Items Infected: (No malicious items detected)
    Folders Infected: (No malicious items detected)
  • Hi Max, you can now do the following:
    Which program: ComboFix
    What for/why: highly specialized scanner to examine Windows in depth and clean it up where possible.
    Difficulty: a more or less tricky preparation phase, so read everything carefully first.
    Download location: be sure to download this program to the desktop!
    Download ComboFix from one of these locations:
      - Bleepingcomputer: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
      - ForoSpyware: http://www.forospyware.com/sUBs/ComboFix.exe
      - Geekstogo: http://subs.geekstogo.com/ComboFix.exe
    Here you can see how to use ComboFix: http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden
    Your antivirus program and active malware scanners must be disabled before ComboFix starts!
    Here (http://www.bleepingcomputer.com/forums/topic114351.html) and here (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html) you will find information on how to disable antivirus programs and spyware scanners.
    Once more, for the sake of clarity: ComboFix must be started from the desktop.
    Notes:
      - On Windows XP you may be asked to install the "Recovery Console"! If so, allow this (an active internet connection is required for it).
      - Vista and Windows 7 users start ComboFix via right-click with administrator rights.
      - All open programs and web pages must be closed.
    ComboFix has started:
      - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
      - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
      - The computer may need to be restarted several times; this is normal.
      - When ComboFix is finished, it will create a log file for you.
      - Post the contents of this log file in your next message.
      - If the log does not open, it can be found at C:\ComboFix.txt
    Important note:
      - If, after the scan, an error is shown when starting programs with the message:
      - Illegal operation attempted on a registry key that has been marked for deletion.
      - then restart the computer.
  • Hey, thanks in any case! I turned everything off, firewall, antivirus and adware programs, but I did still see Windows Defender listed in the log? Is that a problem? Otherwise I'll just run it again. In any case, this is it:
  • Hi Max, the next task: open a new Notepad file via Start > All Programs > Accessories > Notepad. Copy and paste the following (bold, blue) text into the empty Notepad window:
    File::
    c:\windows\syswow64\wchizyxfpceengfe.exe
    Folder::
    c:\programdata\{78a29a4d-35ce-4c46-9ac9-2692ee35f0be}
    c:\programdata\{93e26451-cd9a-43a5-a2fa-c42392ea4001}
    Save this Notepad file on your desktop as CFScript.txt.
    Now first deactivate the antivirus!
    Drag CFScript.txt onto ComboFix.exe
    http://home.kpn.nl/~stefsmeenk/CFScript.gif
    This will make ComboFix restart. Restart the computer if you are asked to. Post the ComboFix log that is shown after the restart!
  • Done. I also found that it now no longer recognises my video card; could this be related, or is it a different problem? I have a laptop with Optimus technology, where it switches from the onboard Intel accelerator to the NVIDIA GT 425M, but that no longer works... well, maybe a different problem, first let's get rid of those annoying ads! This is the log:
2011-03-10 18:12 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2011-03-10 17:37 . 2011-03-10 17:37 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2011-03-10 17:37 . 2011-03-10 17:37 -------- d-----w- c:\programdata\!SASCORE 2011-03-10 17:37 . 2011-03-10 17:37 -------- d-----w- c:\program files\SUPERAntiSpyware 2011-03-10 17:33 . 2011-03-10 17:33 -------- d-----w- c:\program files\CCleaner 2011-03-10 12:48 . 2011-03-10 12:48 -------- d-----w- c:\windows\en 2011-03-10 12:47 . 2011-03-10 12:47 -------- d-----w- c:\program files\Windows Live 2011-03-10 12:47 . 2011-03-10 12:47 -------- d-----w- c:\program files (x86)\MSN Toolbar 2011-03-10 12:46 . 2011-03-10 12:47 -------- d-----w- c:\program files (x86)\Bing Bar Installer 2011-03-10 12:46 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll 2011-03-10 12:46 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll 2011-03-10 12:46 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll 2011-03-10 12:46 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll 2011-03-10 11:31 . 2011-03-09 07:47 16432 ----a-w- c:\windows\system32\lsdelete.exe 2011-03-10 00:07 . 2011-03-09 07:47 69376 ----a-w- c:\windows\system32\drivers\Lbd.sys 2011-03-10 00:07 . 2011-03-10 00:07 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2011-03-10 00:05 . 2011-03-10 00:06 -------- d-----w- c:\programdata\Lavasoft 2011-03-10 00:05 . 2011-03-10 00:05 -------- d-----w- c:\program files (x86)\Lavasoft 2011-03-10 00:03 . 2011-03-10 00:05 -------- d-----w- c:\program files\iTunes 2011-03-10 00:03 . 2011-03-10 00:05 -------- d-----w- c:\program files (x86)\iTunes 2011-03-10 00:03 . 2011-03-10 00:03 -------- d-----w- c:\program files\iPod 2011-03-08 05:57 . 2011-03-08 05:58 125927 ----a-w- c:\windows\SysWow64\f8d264bc.exe 2011-03-04 15:05 . 
2011-02-11 07:30 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8078CBCE-9FB4-4472-A231-BD9D478A0146}\mpengine.dll 2011-03-01 12:18 . 2011-03-07 19:28 -------- d-----w- c:\programdata\VirtualizedApplications 2011-02-28 16:22 . 2011-02-28 16:22 -------- d-----w- c:\program files (x86)\Opera 2011-02-27 17:05 . 2011-03-12 18:34 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2011-02-27 17:05 . 2011-03-12 18:34 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2011-02-27 16:01 . 2011-02-27 16:01 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2011-02-27 16:01 . 2011-03-12 12:37 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2011-02-27 16:01 . 2011-03-12 12:37 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2011-02-27 16:01 . 2011-02-27 16:01 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2011-02-27 13:06 . 2011-02-27 13:06 -------- d-----w- c:\program files (x86)\SopCast 2011-02-26 21:51 . 2011-02-26 21:51 -------- d-----w- c:\programdata\Hewlett-Packard 2011-02-26 21:51 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll 2011-02-26 15:38 . 2011-02-26 15:38 -------- d-----w- c:\program files (x86)\Common Files\Java 2011-02-26 15:37 . 2011-02-26 15:37 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-02-26 15:37 . 2011-02-26 15:37 -------- d-----w- c:\program files (x86)\Java 2011-02-26 15:37 . 2011-02-26 15:37 -------- d-----w- c:\programdata\McAfee 2011-02-26 15:24 . 2011-02-26 15:24 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition 2011-02-26 13:21 . 2011-02-26 13:21 -------- d-----w- c:\program files (x86)\PowerISO 2011-02-26 13:21 . 
2010-04-12 08:55 91568 ----a-w- c:\windows\system32\drivers\scdemu.sys 2011-02-24 06:14 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll 2011-02-24 06:14 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll 2011-02-23 18:42 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2011-02-23 18:42 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll 2011-02-23 18:42 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2011-02-23 18:42 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll 2011-02-22 21:31 . 2011-02-22 21:31 -------- d-----w- c:\program files (x86)\VideoLAN 2011-02-22 18:33 . 2009-05-18 12:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2011-02-22 18:33 . 2008-04-17 11:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll 2011-02-22 18:33 . 2008-04-17 11:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll 2011-02-22 18:33 . 2011-03-10 00:07 -------- dc----w- c:\windows\system32\DRVSTORE 2011-02-22 18:33 . 2011-02-22 18:33 -------- d-----w- c:\program files (x86)\Guitar Pro 5 2011-02-22 18:32 . 2011-02-22 18:32 -------- d-----w- c:\program files (x86)\Apple Software Update 2011-02-22 18:32 . 2011-02-22 18:32 -------- d-----w- c:\program files\Common Files\Apple 2011-02-22 18:32 . 2011-02-22 18:32 -------- d-----w- c:\program files\Bonjour 2011-02-22 18:32 . 2011-02-22 18:32 -------- d-----w- c:\program files (x86)\Bonjour 2011-02-22 18:28 . 2011-02-22 18:28 -------- d-----w- c:\program files (x86)\uTorrent 2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll 2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2011-02-22 16:14 . 
2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2011-02-22 16:14 . 2011-03-10 00:03 -------- d-----w- c:\programdata\Apple Computer 2011-02-22 16:14 . 2011-02-22 16:14 -------- d-----w- c:\program files (x86)\QuickTime 2011-02-22 16:13 . 2011-03-10 00:03 -------- d-----w- c:\program files (x86)\Common Files\Apple 2011-02-22 16:13 . 2011-02-22 16:13 -------- d-----w- c:\programdata\Apple 2011-02-21 20:42 . 2011-02-21 20:42 -------- d-----w- c:\program files (x86)\Common Files\Skype 2011-02-21 20:42 . 2011-02-21 20:42 -------- d-----r- c:\program files (x86)\Skype 2011-02-21 20:41 . 2011-02-21 20:42 -------- d-----w- c:\programdata\Skype 2011-02-16 19:29 . 2011-02-16 19:29 -------- d-----w- c:\windows\SysWow64\Wat 2011-02-16 19:29 . 2011-02-16 19:29 -------- d-----w- c:\windows\system32\Wat 2011-02-16 12:23 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll 2011-02-16 12:23 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll 2011-02-16 12:23 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll 2011-02-16 12:23 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll 2011-02-16 12:23 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe 2011-02-16 12:23 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll 2011-02-16 12:23 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2011-02-16 12:23 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll 2011-02-16 12:23 . 
2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe 2011-02-16 12:23 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll 2011-02-16 12:23 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe 2011-02-16 12:21 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys 2011-02-16 12:21 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys 2011-02-16 09:34 . 2010-10-19 08:47 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll 2011-02-15 17:38 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-02-15 17:08 . 2011-02-15 17:08 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR 2011-02-15 17:08 . 2011-02-15 17:08 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2011-02-15 17:07 . 2011-03-10 00:08 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2011-02-15 17:06 . 2006-11-29 12:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll 2011-02-15 17:06 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll 2011-02-15 17:05 . 2011-02-15 17:05 -------- d-----w- c:\program files (x86)\Microsoft 2011-02-15 17:04 . 2011-03-10 12:48 -------- d-----w- c:\program files (x86)\Windows Live 2011-02-15 17:03 . 2011-02-15 17:03 -------- d-----w- c:\program files (x86)\Common Files\Windows Live . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-03-10 16:59 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-01-08 03:27 . 2010-09-23 19:27 643688 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2011-01-08 03:27 . 2010-09-23 19:27 226920 ----a-w- c:\windows\system32\nvinitx.dll 2011-01-08 03:27 . 2010-09-23 19:27 192616 ----a-w- c:\windows\SysWow64\nvinit.dll 2011-01-08 03:27 . 2010-09-23 19:27 2200680 ----a-w- c:\windows\system32\nvapi64.dll 2011-01-08 03:27 . 
2010-09-23 19:27 1965672 ----a-w- c:\windows\SysWow64\nvapi.dll 2011-01-07 19:50 . 2011-01-07 19:50 795752 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll 2011-01-07 19:50 . 2011-01-07 19:50 6143080 ----a-w- c:\windows\system32\nvcpl.dll 2011-01-07 19:49 . 2011-01-07 19:49 3156072 ----a-w- c:\windows\system32\nvsvc64.dll 2011-01-07 19:49 . 2011-01-07 19:49 474772 ----a-w- c:\windows\system32\nvcoproc.bin 2011-01-07 19:49 . 2011-01-07 19:49 117864 ----a-w- c:\windows\system32\nvmctray.dll 2011-01-07 19:49 . 2011-01-07 19:49 792680 ----a-w- c:\windows\system32\nv3dappshext.dll 2011-01-07 19:49 . 2011-01-07 19:49 53864 ----a-w- c:\windows\system32\nv3dappshextr.dll 2011-01-07 19:49 . 2011-01-07 19:49 313448 ----a-w- c:\windows\system32\nvhotkey.dll 2011-01-07 19:49 . 2011-01-07 19:49 2558568 ----a-w- c:\windows\system32\nvsvcr.dll 2011-01-07 19:49 . 2011-01-07 19:49 1005160 ----a-w- c:\windows\system32\nvvsvc.exe . . ((((((((((((((((((((((((((((( SnapShot@2011-03-12_16.03.50 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2011-03-12 15:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2011-03-12 18:24 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2011-03-12 15:44 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2011-03-12 18:24 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-03-12 15:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2011-03-12 18:24 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-08-18 19:28 . 
2011-03-12 18:28 37178 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-03-12 18:28 38282 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:30 . 2011-03-12 18:22 86016 c:\windows\system32\DriverStore\infpub.dat - 2009-07-14 05:30 . 2011-03-11 20:10 86016 c:\windows\system32\DriverStore\infpub.dat + 2011-03-12 18:21 . 2011-01-08 03:27 67176 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\OpenCL64.dll - 2011-03-11 20:09 . 2011-01-08 03:27 67176 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\OpenCL64.dll - 2011-03-11 20:09 . 2011-01-08 03:27 57960 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\OpenCL.dll + 2011-03-12 18:21 . 2011-01-08 03:27 57960 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\OpenCL.dll - 2011-03-11 20:09 . 2011-01-08 03:27 25576 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvpciflt.sys + 2011-03-12 18:21 . 2011-01-08 03:27 25576 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvpciflt.sys - 2011-02-15 17:14 . 2011-03-12 15:47 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-02-15 17:14 . 2011-03-12 18:28 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-02-27 16:00 . 2011-03-12 18:33 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat - 2011-02-27 16:00 . 2011-03-12 12:37 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat + 2011-02-27 16:00 . 2011-03-12 18:33 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat - 2011-02-27 16:00 . 
2011-03-12 12:37 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat - 2011-02-27 16:00 . 2011-03-12 12:37 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat + 2011-02-27 16:00 . 2011-03-12 18:33 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat + 2011-02-15 17:14 . 2011-03-12 18:33 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2011-02-15 17:14 . 2011-03-12 15:47 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-02-15 17:14 . 2011-03-12 18:28 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-02-15 17:14 . 2011-03-12 15:47 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-02-15 17:14 . 2011-03-12 18:28 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-02-15 17:14 . 2011-03-12 16:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-02-15 17:14 . 2011-03-12 18:28 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-02-15 17:14 . 2011-03-12 16:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-03-12 18:22 . 2011-03-12 18:22 10134 c:\windows\Installer\{DA97BDF9-BC72-46FD-8E76-427F2BB951EE}\ARPPRODUCTICON.exe - 2011-03-11 20:10 . 2011-03-11 20:10 10134 c:\windows\Installer\{DA97BDF9-BC72-46FD-8E76-427F2BB951EE}\ARPPRODUCTICON.exe + 2011-02-15 16:57 . 2011-03-12 18:28 6986 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2002805053-4252134244-3045484419-1001_UserData.bin - 2011-03-11 20:09 . 
2011-01-08 03:27 4096 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdetx.dll + 2011-03-12 18:21 . 2011-01-08 03:27 4096 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdetx.dll + 2011-03-12 18:21 . 2011-01-08 03:27 4096 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdet.dll - 2011-03-11 20:09 . 2011-01-08 03:27 4096 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdet.dll + 2011-03-12 18:24 . 2011-03-12 18:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-03-12 15:44 . 2011-03-12 15:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-03-12 18:24 . 2011-03-12 18:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2011-03-12 15:44 . 2011-03-12 15:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2011-02-16 19:31 . 2011-03-12 15:44 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2011-02-16 19:31 . 2011-03-12 18:24 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 05:30 . 2011-03-12 18:22 143360 c:\windows\system32\DriverStore\infstrng.dat - 2009-07-14 05:30 . 2011-03-11 20:10 143360 c:\windows\system32\DriverStore\infstrng.dat + 2009-07-14 05:30 . 2011-03-12 18:21 143360 c:\windows\system32\DriverStore\infstor.dat - 2009-07-14 05:30 . 2011-03-11 20:09 143360 c:\windows\system32\DriverStore\infstor.dat - 2011-03-11 20:09 . 2011-01-08 03:27 762984 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvumdshimx.dll + 2011-03-12 18:21 . 2011-01-08 03:27 762984 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvumdshimx.dll + 2011-03-12 18:21 . 
2011-01-08 03:27 643688 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvumdshim.dll - 2011-03-11 20:09 . 2011-01-08 03:27 643688 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvumdshim.dll - 2011-03-11 20:09 . 2011-01-08 03:27 380520 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoptimusmft32.dll + 2011-03-12 18:21 . 2011-01-08 03:27 380520 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoptimusmft32.dll - 2011-03-11 20:09 . 2011-01-08 03:27 446056 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoptimusmft.dll + 2011-03-12 18:21 . 2011-01-08 03:27 446056 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoptimusmft.dll - 2011-03-11 20:09 . 2011-01-08 03:27 226920 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvinitx.dll + 2011-03-12 18:21 . 2011-01-08 03:27 226920 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvinitx.dll - 2011-03-11 20:09 . 2011-01-08 03:27 192616 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvinit.dll + 2011-03-12 18:21 . 2011-01-08 03:27 192616 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvinit.dll - 2011-03-11 20:09 . 2011-01-08 03:27 197224 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvidia-smi.exe + 2011-03-12 18:21 . 2011-01-08 03:27 197224 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvidia-smi.exe + 2011-03-12 18:21 . 2011-01-08 03:27 249856 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdxgiwrapx.dll - 2011-03-11 20:09 . 
2011-01-08 03:27 249856 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdxgiwrapx.dll + 2011-03-12 18:21 . 2011-01-08 03:27 225896 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdxgiwrap.dll - 2011-03-11 20:09 . 2011-01-08 03:27 225896 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdxgiwrap.dll - 2011-03-11 20:09 . 2011-01-08 03:27 281380 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdrsdb.bin + 2011-03-12 18:21 . 2011-01-08 03:27 281380 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdrsdb.bin + 2011-03-12 18:21 . 2011-01-08 03:27 320104 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdecodemft32.dll - 2011-03-11 20:09 . 2011-01-08 03:27 320104 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdecodemft32.dll + 2011-03-12 18:21 . 2011-01-08 03:27 392296 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdecodemft.dll - 2011-03-11 20:09 . 2011-01-08 03:27 392296 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdecodemft.dll + 2011-03-12 18:21 . 2011-01-08 03:27 253952 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\Nvd3d9wrapx.dll - 2011-03-11 20:09 . 2011-01-08 03:27 253952 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\Nvd3d9wrapx.dll - 2011-03-11 20:09 . 2011-01-08 03:27 229992 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\Nvd3d9wrap.dll + 2011-03-12 18:21 . 2011-01-08 03:27 229992 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\Nvd3d9wrap.dll + 2011-03-12 18:21 . 
2011-01-08 03:27 191080 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\dbInstaller.exe - 2011-03-11 20:09 . 2011-01-08 03:27 191080 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\dbInstaller.exe + 2009-07-14 05:01 . 2011-03-12 18:24 226476 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 05:01 . 2011-03-12 15:43 226476 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2011-03-11 00:11 . 2011-03-12 15:43 338632 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2002805053-4252134244-3045484419-1001-8192.dat + 2011-03-11 00:11 . 2011-03-12 18:24 338632 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2002805053-4252134244-3045484419-1001-8192.dat + 2009-04-03 09:26 . 2009-04-03 09:26 354608 c:\windows\Downloaded Program Files\sysreqlab_nvd.dll - 2011-03-11 20:09 . 2011-01-08 03:27 7729256 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvwgf2umx.dll + 2011-03-12 18:21 . 2011-01-08 03:27 7729256 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvwgf2umx.dll - 2011-03-11 20:09 . 2011-01-08 03:27 5653096 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvwgf2um.dll + 2011-03-12 18:21 . 2011-01-08 03:27 5653096 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvwgf2um.dll - 2011-03-11 20:09 . 2011-01-08 03:27 1359976 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvgenco64.dll + 2011-03-12 18:21 . 2011-01-08 03:27 1359976 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvgenco64.dll + 2011-03-12 18:21 . 2011-01-08 03:27 1614440 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdispco64.dll - 2011-03-11 20:09 . 
2011-01-08 03:27 1614440 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdispco64.dll + 2011-03-12 18:21 . 2011-01-08 03:27 2895976 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvid32.dll - 2011-03-11 20:09 . 2011-01-08 03:27 2895976 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvid32.dll + 2011-03-12 18:21 . 2011-01-08 03:27 3112040 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvid.dll - 2011-03-11 20:09 . 2011-01-08 03:27 3112040 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvid.dll + 2011-03-12 18:21 . 2011-01-08 03:27 2479720 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvenc64.dll - 2011-03-11 20:09 . 2011-01-08 03:27 2479720 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvenc64.dll + 2011-03-12 18:21 . 2011-01-08 03:27 2251368 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvenc.dll - 2011-03-11 20:09 . 2011-01-08 03:27 2251368 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvenc.dll - 2011-03-11 20:09 . 2011-01-08 03:27 4941928 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuda32.dll + 2011-03-12 18:21 . 2011-01-08 03:27 4941928 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuda32.dll + 2011-03-12 18:21 . 2011-01-08 03:27 6604904 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuda.dll - 2011-03-11 20:09 . 2011-01-08 03:27 6604904 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuda.dll - 2011-03-11 20:09 . 
2011-01-08 03:27 2200680 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvapi64.dll + 2011-03-12 18:21 . 2011-01-08 03:27 2200680 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvapi64.dll - 2011-03-11 20:09 . 2011-01-08 03:27 1965672 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvapi.dll + 2011-03-12 18:21 . 2011-01-08 03:27 1965672 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvapi.dll + 2010-09-23 20:10 . 2011-03-12 18:24 1185968 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat + 2009-07-14 02:34 . 2011-03-12 17:20 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT - 2009-07-14 02:34 . 2011-03-12 15:58 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2011-03-12 18:21 . 2011-01-08 03:27 20471912 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoglv64.dll - 2011-03-11 20:09 . 2011-01-08 03:27 20471912 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoglv64.dll + 2011-03-12 18:21 . 2011-01-08 03:27 15047272 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoglv32.dll - 2011-03-11 20:09 . 2011-01-08 03:27 15047272 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoglv32.dll + 2011-03-12 18:21 . 2011-01-08 03:27 12961640 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvlddmkm.sys - 2011-03-11 20:09 . 2011-01-08 03:27 12961640 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvlddmkm.sys - 2011-03-11 20:09 . 2011-01-08 03:27 12859496 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvd3dumx.dll + 2011-03-12 18:21 . 
2011-01-08 03:27 12859496 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvd3dumx.dll - 2011-03-11 20:09 . 2011-01-08 03:27 10078312 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvd3dum.dll + 2011-03-12 18:21 . 2011-01-08 03:27 10078312 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvd3dum.dll - 2011-03-11 20:09 . 2011-01-08 03:27 56396024 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\NvCplSetupInt.exe + 2011-03-12 18:21 . 2011-01-08 03:27 56396024 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\NvCplSetupInt.exe + 2011-03-12 18:21 . 2011-01-08 03:27 13011560 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcompiler32.dll - 2011-03-11 20:09 . 2011-01-08 03:27 13011560 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcompiler32.dll + 2011-03-12 18:21 . 2011-01-08 03:27 18580072 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcompiler.dll - 2011-03-11 20:09 . 2011-01-08 03:27 18580072 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcompiler.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-02-22 396152] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] "MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-06-18 2486272] "THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-06-12 1349632] "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496] . c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Update.lnk - c:\windows\System32\rundll32.exe [2009-7-14 45568] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 BTMCOM;Bluetooth Serial Port;c:\windows\System32\Drivers\btmcom.sys [x] R3 BTMHID;BTMHID;c:\windows\system32\DRIVERS\btmhid.sys [x] R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x] R3 diskperf64;Realtek Turbo Disk Filter Driver;c:\windows\system32\DRIVERS\diskperf64.sys [x] R3 MGHwCtrl;MGHwCtrl;c:\program files\msi\msi Software Install\MGHwCtrl.sys [x] R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2010-04-22 677128] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336] S2 
Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-03-09 1405384] S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-01-08 1997416] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-04-14 2533400] S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2010-04-15 4170504] S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2010-04-15 1096456] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-23 1028096] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x] S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-03-09 17152] S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x] S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas 
Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] . . Contents of the 'Scheduled Tasks' folder . 2011-03-12 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-03-09 07:47] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-02-23 15:04 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-03 11464296] "BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-04-22 19645704] "THXCfg64"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568] "ETDWare"="%ProgramFiles%\Elantech\ETDCtrl.exe" [BU] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll . ------- Supplementary Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = nu.nl mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local FF - ProfilePath - c:\users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\bn4xikrh.default\ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - Ext: z: {391519d9-1310-2b1a-f98e-346a8f240119} - c:\program files (x86)\Mozilla Firefox\extensions\{391519d9-1310-2b1a-f98e-346a8f240119} FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) AddRemove-Ad-Aware - c:\programdata\{78A29A4D-35CE-4C46-9AC9-2692EE35F0BE}\Ad-Aware90Install.exe AddRemove-{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} - c:\programdata\{78A29A4D-35CE-4C46-9AC9-2692EE35F0BE}\Ad-Aware90Install.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-2002805053-4252134244-3045484419-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-2002805053-4252134244-3045484419-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . 
[HKEY_USERS\S-1-5-21-2002805053-4252134244-3045484419-1001\Software\SecuROM\License information*] "datasecu"=hex:ec,f5,d8,d3,9e,c5,f8,86,38,7f,86,a0,66,dd,af,50,e0,67,f4,19,4b, 0e,17,48,b9,60,66,ab,93,d8,f5,ab,a7,12,cd,ae,d7,9a,31,89,0e,89,35,89,d7,9d,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . 
Completion time: 2011-03-12 20:00:54 ComboFix-quarantined-files.txt 2011-03-12 19:00 ComboFix2.txt 2011-03-12 16:15 ComboFix3.txt 2011-03-12 16:05 . Pre-Run: 322,437,750,784 bytes free Post-Run: 322,151,391,232 bytes free . - - End Of File - - 54777E75C831B20F2731C47F5BF119A9
  • Hi Max, on C you'll find a folder NVidia. Open that folder and see whether you find setup.exe. If so, double-click it! Then the video driver will be reinstalled! Strange, by the way, that it is now disabled!
  • Done, also downloaded it again and still nothing. Weird. And youprofitclub is still plaguing my IE and Firefox. Maybe I should just format my whole system, or do you think there is a solution after all?
  • The annoying thing is that I can't find anything that would cause those messages! So please do the following, to see whether that turns up more!
    Which program: RSIT
    What for/why: gives a very extensive overview of Windows
    Difficulty: none
    Download location: be sure to download this program to the desktop!
    Download RSIT here: http://images.malwareremoval.com/random/RSIT.exe
    Using RSIT:
      - Windows 2000 and Windows XP: start RSIT by double-clicking the shortcut.
      - Windows Vista and Windows 7: start RSIT by right-clicking the shortcut and then choosing "Run as administrator".
    After the scan has finished, two logs will open.
      - Then post the contents of 'log.txt' ('log.txt' will be maximized).
      - Also post 'info.txt' ('info.txt', this log will at first be minimized in the taskbar).
      - If you can't find info.txt, look for it in C:\.
    For users of Windows Vista 64-bit or Windows 7 64-bit the following also applies:
      - RSIT must then be run in 'compatibility mode'.
      - Right-click 'RSIT.exe' and choose 'Properties',
      - now click the 'Compatibility' tab.
      - Tick 'Run this program in compatibility mode' and then choose 'Windows XP Service Pack 3'.
    RSIT produces a fairly large log, so you may have to split the log and post it in two or more parts.
  • Okay thanks, here it comes! Logfile of random's system information tool 1.08 (written by random/random) Run by Max at 2011-03-12 21:42:15 Microsoft Windows 7 Home Premium Service Pack 3 System drive C: has 307 GB (86%) free of 356 GB Total RAM: 3886 MB (54% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:42:29, on 3/12/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe C:\windows\SysWOW64\rundll32.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe C:\Program Files (x86)\Opera\opera.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Users\Max\Desktop\RSIT.exe C:\Program Files (x86)\trend micro\Max.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - 
HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O3 - Toolbar: avast! 
WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r O4 - HKLM\..\Run: [UpdReg] C:\windows\UpdReg.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-21-2002805053-4252134244-3045484419-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2002805053-4252134244-3045484419-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Update.lnk = C:\Windows\System32\rundll32.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows 
Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll,C:\windows\SysWOW64\nvinit.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. 
- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. 
- C:\Program Files (x86)\System Control Manager\MSIService.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. 
- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12035 bytes ======Scheduled tasks folder====== C:\windows\tasks\Ad-Aware 
Update (Weekly).job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-02-11 1246600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-26 41760] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696] "MGSysCtrl"=C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2010-06-18 2486272] "THX Audio Control Panel"=C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [2010-06-12 1349632] "UpdReg"=C:\windows\UpdReg.EXE [2000-05-11 90112] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888] "PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2010-04-12 180224] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-03-07 421160] "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2011-02-22 396152] "msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2010-09-23 4240760] C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Update.lnk - C:\Windows\System32\rundll32.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\Windows\SysWOW64\nvinit.dll 
[] S3 LSI_SAS2;LSI_SAS2; C:\windows\system32\DRIVERS\lsi_sas2.sys [] S3 LSI_SCSI;LSI_SCSI; C:\windows\system32\DRIVERS\lsi_scsi.sys [] S3 megasas;megasas; C:\windows\system32\DRIVERS\megasas.sys [] S3 MegaSR;MegaSR; C:\windows\system32\DRIVERS\MegaSR.sys [] S3 MGHwCtrl;MGHwCtrl; \??\C:\Program Files\msi\msi Software Install\MGHwCtrl.sys [] S3 mouhid;Mouse HID Driver; C:\windows\system32\DRIVERS\mouhid.sys [] S3 mpio;mpio; C:\windows\system32\DRIVERS\mpio.sys [] S3 msahci;msahci; C:\windows\system32\DRIVERS\msahci.sys [] S3 msdsm;msdsm; C:\windows\system32\DRIVERS\msdsm.sys [] S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\windows\System32\drivers\mshidkmdf.sys [] S3 MsRPC;MsRPC; C:\windows\SysWOW64\drivers\MsRPC.sys [] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [] S3 MTConfig;Microsoft Input Configuration Driver; C:\windows\system32\DRIVERS\MTConfig.sys [] S3 NdisCap;NDIS Capture LightWeight Filter; C:\windows\system32\DRIVERS\ndiscap.sys [] S3 nfrd960;nfrd960; C:\windows\system32\DRIVERS\nfrd960.sys [] S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\windows\system32\DRIVERS\nv_agp.sys [] S3 nvraid;nvraid; C:\windows\system32\DRIVERS\nvraid.sys [] S3 nvstor;nvstor; C:\windows\system32\DRIVERS\nvstor.sys [] S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:\windows\system32\DRIVERS\ohci1394.sys [] S3 ql2300;ql2300; C:\windows\system32\DRIVERS\ql2300.sys [] S3 ql40xx;ql40xx; C:\windows\system32\DRIVERS\ql40xx.sys [] S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\windows\system32\drivers\qwavedrv.sys [] S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\windows\system32\DRIVERS\rdpbus.sys [] S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [] S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [] S3 sbp2port;sbp2port; C:\windows\system32\DRIVERS\sbp2port.sys [] S3 
scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\windows\System32\DRIVERS\scfilter.sys [] S3 sermouse;Serial Mouse Driver; C:\windows\system32\DRIVERS\sermouse.sys [] S3 sffdisk;SFF Storage Class Driver; C:\windows\system32\DRIVERS\sffdisk.sys [] S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\windows\system32\DRIVERS\sffp_mmc.sys [] S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\windows\system32\DRIVERS\sffp_sd.sys [] S3 SiSRaid2;SiSRaid2; C:\windows\system32\DRIVERS\SiSRaid2.sys [] S3 SiSRaid4;SiSRaid4; C:\windows\system32\DRIVERS\sisraid4.sys [] S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\windows\system32\DRIVERS\smb.sys [] S3 stexstor;stexstor; C:\windows\system32\DRIVERS\stexstor.sys [] S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\windows\system32\DRIVERS\tcpip.sys [] S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\windows\System32\DRIVERS\tssecsrv.sys [] S3 uagp35;Microsoft AGPv3.5 Filter; C:\windows\system32\DRIVERS\uagp35.sys [] S3 uliagpkx;Uli AGP Bus Filter; C:\windows\system32\DRIVERS\uliagpkx.sys [] S3 UmPass;Microsoft UMPass Driver; C:\windows\system32\DRIVERS\umpass.sys [] S3 usbccgp;Microsoft USB Generic Parent Driver; C:\windows\system32\DRIVERS\usbccgp.sys [] S3 usbcir;eHome Infrared Receiver (USBCIR); C:\windows\system32\DRIVERS\usbcir.sys [] S3 usbprint;Microsoft USB PRINTER Class; C:\windows\system32\DRIVERS\usbprint.sys [] S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [] S3 USBSTOR;USB Mass Storage Driver; C:\windows\system32\DRIVERS\USBSTOR.SYS [] S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\windows\system32\DRIVERS\usbuhci.sys [] S3 usbvideo;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [] S3 vga;vga; C:\windows\system32\DRIVERS\vgapnp.sys [] S3 vhdmp;vhdmp; C:\windows\system32\DRIVERS\vhdmp.sys [] S3 vsmraid;vsmraid; C:\windows\system32\DRIVERS\vsmraid.sys [] S3 WacomPen;Wacom Serial Pen HID Driver; 
C:\windows\system32\DRIVERS\wacompen.sys [] S3 Wd;Wd; C:\windows\system32\DRIVERS\wd.sys [] S3 WIMMount;WIMMount; C:\windows\system32\drivers\wimmount.sys [2009-07-14 19008] S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [] S4 crcdisk;Crcdisk Filter Driver; C:\windows\system32\DRIVERS\crcdisk.sys [] S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\windows\system32\drivers\ws2ifsl.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664] R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184] R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-04-22 677128] R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376] R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 gpsvc;@gpapi.dll,-112; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336] R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 Lavasoft Ad-Aware Service;Lavasoft 
Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-03-09 1405384] R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-04-14 325656] R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768] R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-01-08 1997416] R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984] R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-04-14 2533400] R2 
UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 wlidsvc;Windows Live ID Sign
  • And here is the info file: info.txt logfile of random's system information tool 1.08 2011-03-12 21:42:34
  • Hi Max, is your notebook on a home network?

    1) Download LopSD (http://eric71.geekstogo.com/tools/LopSD.exe) or LOPSD (http://eric.71.mespages.googlepages.com/LopSD.exe) to your Desktop.
       - Disable your antispyware and virus scanner while using this tool.
       - Vista and Windows 7 users: right-click LopSD and choose "Run as administrator"!
       - Choose Option N and press Enter
       - Click OK in the information window
       - Choose Option 2 and press Enter
       - At the end a log ( LopR.txt ) appears; paste its contents in your next reply

    2) Which program: Kaspersky TDSSKiller
       What for/why: rootkit scanner
       Difficulty: none
       Download location: be sure to download this program to the desktop! Download TDSSKiller here: http://support.kaspersky.com/downloads/utils/tdsskiller.zip
       Installation:
       - Extract the file to your desktop.
       Using TDSSKiller:
       - Windows 2000 and Windows XP: start TDSSKiller by double-clicking TDSSKiller.exe.
       - Windows Vista and Windows 7: start TDSSKiller by right-clicking TDSSKiller.exe and then choosing Run as administrator.
       - After the scan has finished, you will find the log on the C:\ partition
       - Post the contents of that log
  • Hello, first of all I wanted to thank you again for going to so much trouble over my pitiful problem, really unbelievable... During the first scan Windows gave a warning that 'the program was installed incorrectly', so I just ran it again, this time without an error, and I am copying the log from C:\. I am indeed on a home network.

    Log 1:
    --------------------\\ Lop S&D 4.2.5-0 XP/Vista
    Microsoft Windows 7 Home Premium ( v6.1.7600 )
    x64-based PC ( Multiprocessor Free : Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz )
    BIOS : BIOS Date: 09/23/09 11:58:43 Ver: 08.00.10
    USER : Max ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:348 Go (Free:299 Go)
    D:\ (Local Disk) - NTFS - Total:232 Go (Free:79 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( Sun 03/13/2011|12:34 )
    [ UAC => 1 ]

    Log 2:
    2011/03/13 12:35:42.0806 4140 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
    2011/03/13 12:35:43.0141 4140 ================================================================================
    2011/03/13 12:35:43.0144 4140 SystemInfo:
    2011/03/13 12:35:43.0144 4140
    2011/03/13 12:35:43.0144 4140 OS Version: 6.1.7600 ServicePack: 0.0
    2011/03/13 12:35:43.0144 4140 Product type: Workstation
    2011/03/13 12:35:43.0144 4140 ComputerName: MAX-MSI
    2011/03/13 12:35:43.0144 4140 UserName: Max
    2011/03/13 12:35:43.0144 4140 Windows directory: C:\windows
    2011/03/13 12:35:43.0144 4140 System windows directory: C:\windows
    2011/03/13 12:35:43.0144 4140 Running under WOW64
    2011/03/13 12:35:43.0144 4140 Processor architecture: Intel x64
    2011/03/13 12:35:43.0144 4140 Number of processors: 4
    2011/03/13 12:35:43.0144 4140 Page size: 0x1000
    2011/03/13 12:35:43.0144 4140 Boot type: Normal boot
    2011/03/13 12:35:43.0144 4140 ================================================================================
    2011/03/13 12:35:43.0454 4140 Initialize success
    2011/03/13 12:35:55.0891 4220 ================================================================================
    2011/03/13 12:35:55.0894 4220 Scan started
    2011/03/13 12:35:55.0894 4220 Mode: Manual;
    2011/03/13 12:35:55.0894 4220 ================================================================================
    2011/03/13 12:36:17.0652 4220 ================================================================================
    2011/03/13 12:36:17.0652 4220 Scan finished
    2011/03/13 12:36:17.0652 4220 ================================================================================
    2011/03/13 12:36:35.0827 2888 Deinitialize success
  • Hi Max, the LopSD log turned out very small indeed! Would you start the tool once more with administrator rights for a scan and then post the log (hopefully complete)?
  • Hiii, I ran it again, with administrator rights just like last time, from my desktop, but it gives the same log again and it also says that I am not an admin. Restarted and the same thing again; just before it closes the scan it shows something like "unexpected..." but the window closes too quickly for me to read it. It closes on its own, and the log I posted came from my C: drive... No idea what is causing this now...
  • Does the account you are working in perhaps have limited rights, or have you turned off UAC (User Account Control)?
  • No, I am simply an administrator.. I just checked under user accounts... And the log still says that I am not an admin, how strange


This is an archived page. Replying is no longer possible.