Vraag & Antwoord

Beveiliging & privacy

Gesproken tekst

13 antwoorden
  • Hoi Ik krijg bij opstarten windows7 met i.e.9 sinds kort een engelstalige gesproken melding hoe ik via de toolbox o.a. cookies enz kan verwijderen Is er iemand die weet hoe ik dit vervelende mannetje kan verwijderen :? groeten
  • Hallo Jan, heb je mogelijk een of ander tweakprogramma geïnstalleerd? [b:4d9714296e]Ik wil graag dat jij je tijdens de fix aan onderstaande regels houdt:[/b:4d9714296e] [color=#0000FF:4d9714296e][list:4d9714296e][*:4d9714296e]Lees alle instrukties goed door. [*:4d9714296e]Maak je fouten bij de uitvoering van tools tijdens de fix, kan dat serieuze problemen in Windows veroorzaken. [*:4d9714296e]Onthou je van het gebruik van tools cq. updates anders dan die ik jou adviseer te gebruiken. [*:4d9714296e]Gebruik altijd één scanner per keer, nooit meerdere tegelijk gebruiken. [*:4d9714296e]Hou mij op de hoogte hoe jou computer op de fix reageert - goed of slecht. [*:4d9714296e]De fix, eenmaal gestart, moet afgewerkt worden. Zelfs indien jij denkt dat alles in orde is, zijn er mogelijk nog steeds infecties.[/list:u:4d9714296e][/color:4d9714296e] [color=#FF0000:4d9714296e][b:4d9714296e]Stap •1•[/b:4d9714296e][/color:4d9714296e] [b:4d9714296e]Welk programma[/b:4d9714296e]: Trend Micro [b:4d9714296e]Hijack This Versie 2.0.4[/b:4d9714296e] [b:4d9714296e]Waarvoor/waarom[/b:4d9714296e]: maakt een duidelijk overzicht van Windows door middel van een scan. [b:4d9714296e]Moeilijkheidsgraad[/b:4d9714296e]: geen, enkel Vista- en Win 7 gebruikers dienen even extra aandacht te geven. [b:4d9714296e]Download[/b:4d9714296e] de [url=http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi][b:4d9714296e]HijackThis Installer[/b:4d9714296e][/url] [b:4d9714296e]Installatie[/b:4d9714296e]: [list:4d9714296e][*:4d9714296e]Installeer HijackThis op de aangegeven lokatie - daarmee wordt voorkomen dat eventuele back-ups niet terugvindbaar zijn![/list:u:4d9714296e] Gebruikers van [b:4d9714296e]Windows Vista[/b:4d9714296e] en [b:4d9714296e]Windows 7[/b:4d9714296e] gaan daarna naar de installatielokatie van HijackThis. [list:4d9714296e][*:4d9714296e]Vervolgens met rechts "hijackthis.exe" aanklikken en dan "Eigenschappen" kiezen. [*:4d9714296e]Klik nu op de tab "Comptabiliteit" en zet dan een vinkje bij "Als Administrator uitvoeren". [*:4d9714296e]Als laatste wordt dan nog op [b:4d9714296e]Toepassen[/b:4d9714296e] en [b:4d9714296e]OK[/b:4d9714296e] geklikt[/list:u:4d9714296e] [b:4d9714296e]Hijack This gebruiken[/b:4d9714296e]: [list:4d9714296e][*:4d9714296e]Sluit eerst alle openstaande programma's en de webbrowsers. [*:4d9714296e]Start nu 'Hijack This' en klik vervolgens op de knop 'Do a system scan and save a logfile' [list:4d9714296e][*:4d9714296e]Start HijackThis op met het scanvenster, klik dan eerst op de knop 'Main Menu'[/list:u:4d9714296e] [*:4d9714296e]Sluit nu alle openstaande vensters en start vervolgens 'HijackThis' en kies voor 'Do a system scan and save a logfile'. [*:4d9714296e]Kopieer en plak de inhoud van het Hijack This-logfile in je aansluitende bericht. [*:4d9714296e]Hierna mag je Hijack This weer sluiten[/list:u:4d9714296e] [color=#FF0000:4d9714296e][b:4d9714296e]Stap •2•[/b:4d9714296e][/color:4d9714296e] [b:4d9714296e]Welk programma[/b:4d9714296e]: Microsoft Safety Scanner [b:4d9714296e]Waarvoor/waarom[/b:4d9714296e]: specialistische scanner van Microsoft om Windows snel te onderzoeken op- en te ontdoen van spy- & malware. [b:4d9714296e]Moeilijkheidsgraad[/b:4d9714296e]: geen. [quote:4d9714296e][b:4d9714296e][color=#0000FF:4d9714296e]Opmerking: Microsoft Safety Scanner verloopt 10 dagen nadat het is gedownload. Als u opnieuw een scan wilt uitvoeren met de nieuwste definities ter voorkoming van schadelijke software, downloadt u Microsoft Safety Scanner opnieuw en voert u het opnieuw uit.[/color:4d9714296e][/b:4d9714296e][/quote:4d9714296e] Dowload de [b:4d9714296e]Microsoft Safety Scanner [/b:4d9714296e][url=http://www.microsoft.com/security/scanner/nl-nl/default.aspx]hier[/url]. Windows 2000 en Windows XP: start Microsoft's Safety Scanner middels dubbelklik op de snelkoppeling. Windows Vista en Windows 7: start Microsoft's Safety Scanner middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren. Zet vervolgens een vinkje bij "Ik accepteer de voorwaarden van de bovenstaande gebruiksovereenkomst". [b:4d9714296e]Scannen[/b:4d9714296e]: [list:4d9714296e][*:4d9714296e] Bij het starten van 'Microsoft's Safety Scanner', klik op de knop "Volgende", vervolgens kies je voor 'Snelle Scan'. [*:4d9714296e]Het scannen duurt wel even, dus wees geduldig.[/list:u:4d9714296e] [color=#FF0000:4d9714296e][b:4d9714296e]Stap •3•[/b:4d9714296e][/color:4d9714296e] [b:4d9714296e]Welk programma[/b:4d9714296e]: Malwarebytes MBAM [b:4d9714296e]Waarvoor/waarom[/b:4d9714296e]: specialistische scanner om Windows snel te onderzoeken op- en te ontdoen van spy- & malware. [b:4d9714296e]Moeilijkheidsgraad[/b:4d9714296e]: geen. [b:4d9714296e]Download Malwarebytes MBAM via één van deze locaties[/b:4d9714296e]: [list:4d9714296e][*:4d9714296e][url=http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?][b:4d9714296e]Download.com[/b:4d9714296e][/url] [*:4d9714296e][url=http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s][b:4d9714296e]Softpedia.com[/b:4d9714296e][/url][*:4d9714296e][url=http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html][b:4d9714296e]Majorgeeks.com[/b:4d9714296e][/url][/list:u:4d9714296e] [b:4d9714296e]Allereerst[/b:4d9714296e]:[list:4d9714296e][*:4d9714296e] Al meteen na de installatie wil 'MBAM' zijn database opwaarderen – toestaan dus. [*:4d9714296e] Ook bij herhaald gebruik: eerst 'MBAM' updaten via de tab 'Update'! [/list:u:4d9714296e] [b:4d9714296e]Malwarebytes MBAM opstarten[/b:4d9714296e]: Windows 2000 en Windows XP: start MBAM middels dubbelklik op de snelkoppeling. Windows Vista en Windows 7: start MBAM middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren. [list:4d9714296e][*:4d9714296e][b:4d9714296e]Let op:[/b:4d9714296e] [list:4d9714296e][*:4d9714296e]Malwarebytes verstrekt nu de volledige versie van MBAM. [*:4d9714296e]Bij de eerstse start kijg je de mogelijkheid de volledige versie te gebruiken of de gratis versie. [*:4d9714296e]Onafhankelijk van welke antivirusprogramma in jouw Windows adviseer ik dan de optie "Weigeren" te gebruiken. [*:4d9714296e]Zodoende zal MBAM als gratis versie verder te gebruiken zijn[/list:u:4d9714296e][/list:u:4d9714296e] [img:4d9714296e]http://img30.imageshack.us/img30/3928/mbam2.png[/img:4d9714296e] [list:4d9714296e][*:4d9714296e][b:4d9714296e]Doe ook nog het volgende:[/b:4d9714296e] [list:4d9714296e][*:4d9714296e]Zodra het programma gestart is, ga dan naar het tabblad "[b:4d9714296e]Instellingen[/b:4d9714296e]". [*:4d9714296e]Vink hier aan: "[b:4d9714296e]Sluit Internet Explorer tijdens verwijdering van malware[/b:4d9714296e]".[/list:u:4d9714296e][/list:u:4d9714296e] [b:4d9714296e]Scannen[/b:4d9714296e]: [list:4d9714296e][*:4d9714296e] Bij het starten van 'MBAM' kies je voor 'Snelle Scan'. [*:4d9714296e]Het scannen kan een tijdje duren, dus wees geduldig. Indien de scan voltooid is, klik dan op de knop 'OK'. [*:4d9714296e]Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.[/list:u:4d9714296e] [b:4d9714296e]Infecties gevonden[/b:4d9714296e]: [list:4d9714296e][*:4d9714296e]Klik nu eerst op OK om de melding weg te klikken [*:4d9714296e]Klik vervolgens rechtsonder op de knop Bekijk resultaten. [*:4d9714296e]Zorg er nu voor dat alle gevonden infecties aangevinkt zijn, en klik linksonder op Verwijder geselecteerde. [*:4d9714296e]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. [*:4d9714296e]Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op 'OK' klikken! [*:4d9714296e]Daarna zal 'MBAM' vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:4d9714296e] [b:4d9714296e]MBAM-Log[/b:4d9714296e]: [list:4d9714296e][*:4d9714296e] Het log wordt automatisch bewaard door 'MBAM en dat kan je terugvinden door in het hoofdmenu van MBAM op de tab 'Logbestanden' te klikken'.[/list:u:4d9714296e] [b:4d9714296e]Post aansluitend in je volgende bericht de inhoud van het MBAM-log.[/b:4d9714296e] [color=#FF0000:4d9714296e][b:4d9714296e]Stap •4•[/b:4d9714296e][/color:4d9714296e] [b:4d9714296e]Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:[/b:4d9714296e] [list:4d9714296e][*:4d9714296e] een Hijackthis-log [*:4d9714296e] MBAM scanlog[/list:u:4d9714296e]
  • Hoi Abraham Hierbij de beide uitkomsten Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Databaseversie: 8097 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 6-11-2011 19:20:58 mbam-log-2011-11-06 (19-20-58).txt Scantype: Snelle scan Objecten gescand: 176140 Verstreken tijd: 13 minuut/minuten, 37 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 1 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 1 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_CURRENT_USER\Software\SkyMedia (Adware.SkyMedia) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: c:\Users\gebruiker\AppData\Roaming\audiotreiber_x64.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
  • Waar is nu het gevraagde Hijack This-log? En ben je de stem al kwijt?
  • Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:43:34, on 6-11-2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\KPN\bin\sprtcmd.exe C:\Program Files\OO Software\Defrag\oodtray.exe C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files\CyberLink\Shared files\brs.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Registry Clean Expert\RCHelper.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Windows\system32\taskeng.exe C:\Program Files\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/?ocid=OIE9HP R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {25A6EDBF-C0FD-4ff7-B6A7-C6EDEA3B0B55} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: PXCIEaddin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: PDFXChange 4.0 IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [KPN] "C:\Program Files\KPN\bin\sprtcmd.exe" /P KPN O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\5.0" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [RegClean Expert Scheduler] "C:\Program Files\Registry Clean Expert\RCHelper.exe" /startup O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Product - 2011/06/06 22:16:54 (CLKMSVC10_CDD7036C) - CyberLink - C:\Program Files\CyberLink\PowerProducer\BDSDK\NavFilter\kmsvc.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: SupportSoft Sprocket Service (KPN) (sprtsvc_KPN) - SupportSoft, Inc. - C:\Program Files\KPN\bin\sprtsvc.exe -- End of file - 13225 bytes
  • Hier is ie. De gesproken tekst was er nog bij opnieuw opstarten :?
  • Het Hijack-Thislog ziet er gewoon perfect uit, maar dat hoeft nog niks te zeggen! [color=#FF0000:2c74af2e49][b:2c74af2e49]Stap •1•[/b:2c74af2e49][/color:2c74af2e49] [[b:2c74af2e49]Welk programma[/b:2c74af2e49]: Kaspersky [b:2c74af2e49]TDSSKiller[/b:2c74af2e49] [b:2c74af2e49]Waarvoor/waarom[/b:2c74af2e49]: Rootkitscanner [b:2c74af2e49]Moeilijkheidsgraad[/b:2c74af2e49]: geen [b:2c74af2e49]Downloadlokatie[/b:2c74af2e49]: Dit programma absoluut naar het bureaublad downloaden of anders daar naar toe verplaatsen! [b:2c74af2e49]Download[/b:2c74af2e49] [b:2c74af2e49]TDSSKiller[/b:2c74af2e49] [url=http://support.kaspersky.com/downloads/utils/tdsskiller.zip][b:2c74af2e49]hier[/b:2c74af2e49][/url]. [b:2c74af2e49]Installatie[/b:2c74af2e49]: [list:2c74af2e49][*:2c74af2e49] pak het bestand uit op je bureaublad.[/list:u:2c74af2e49] [b:2c74af2e49]TDSSKiller gebruiken[/b:2c74af2e49]: [list:2c74af2e49][*:2c74af2e49]Windows 2000 en Windows XP: start "TDSSKiller" middels dubbelklik op TDSSKiller.exe. [*:2c74af2e49]Windows Vista en Windows 7: start "TDSSKiller" middels rechtsklik op TDSSKiller.exe en dan kiezen voor [b:2c74af2e49]Als Administrator uitvoeren[/b:2c74af2e49]. [*:2c74af2e49]Idien TDSSKiller met een bericht komt over een beschikbare update, dan voer je deze eerst uit.[/list:u:2c74af2e49] [img:2c74af2e49]http://www.imgdumper.nl/uploads4/4dc1d6438f791/4dc1d6438d897-TDSSKiller_2011-05-05_00-26-21.jpg[/img:2c74af2e49] [list:2c74af2e49][*:2c74af2e49]Klik vervolgens op de knop [b:2c74af2e49]"Start Scan"[/b:2c74af2e49] en volg de instructies. [*:2c74af2e49] Nadat de scan klaar is klik je op de knop [b:2c74af2e49]"Report"[/b:2c74af2e49]. [*:2c74af2e49]Er opent een kladblokbestand. Post de inhoud van dit bestand. [list:2c74af2e49][*:2c74af2e49][b:2c74af2e49]Herstart de pc indien TDSSKiller die optie aangeeft (Reboot now).[/b:2c74af2e49] [*:2c74af2e49]Wanneer het opnieuw opstarten noodzakelijk is, vind je de logfile in [b:2c74af2e49]C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt[/b:2c74af2e49][/list:u:2c74af2e49][/list:u:2c74af2e49] [color=#FF0000:2c74af2e49][b:2c74af2e49]Stap •2•[/b:2c74af2e49][/color:2c74af2e49] [b:2c74af2e49]Welk programma[/b:2c74af2e49]: ComboFix [b:2c74af2e49]Waarvoor/waarom[/b:2c74af2e49]: Zeer specialistische scanner om Windows diepgaand te onderzoeken en zo mogelijk op te schonen. [b:2c74af2e49]Moeilijkheidsgraad[/b:2c74af2e49]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed. [b:2c74af2e49]Downloadlokatie[/b:2c74af2e49]: Dit programma absoluut naar het bureaublad downloaden! [b:2c74af2e49]Download ComboFix via één van deze locaties[/b:2c74af2e49]: [list:2c74af2e49][*:2c74af2e49][url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:2c74af2e49]Bleepingcomputer[/b:2c74af2e49][/url] [*:2c74af2e49][url=http://www.forospyware.com/sUBs/ComboFix.exe][b:2c74af2e49]ForoSpyware[/b:2c74af2e49][/url] [*:2c74af2e49][url=http://subs.geekstogo.com/ComboFix.exe][b:2c74af2e49]Geekstogo[/b:2c74af2e49][/url][/list:u:2c74af2e49] [url=http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden][b:2c74af2e49]Hier[/b:2c74af2e49][/url] zie je hoe je ComboFix moet gebruiken. Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn! [url=http://www.bleepingcomputer.com/forums/topic114351.html][b:2c74af2e49]Hier[/b:2c74af2e49][/url] en [url=http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html][b:2c74af2e49]hier[/b:2c74af2e49][/url] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren. [b:2c74af2e49]Voor alle duidelijkheid nogmaals[/b:2c74af2e49]: ComboFix dient vanaf het bureaublad gestart te worden. [b:2c74af2e49]Opmerkingen[/b:2c74af2e49]: [list:2c74af2e49][*:2c74af2e49] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren! Sta dit dan toe (hiervoor is een actieve internet verbinding vereist). [*:2c74af2e49]Vista- en Windows 7 gebruikers starten Combofix op via rechtsklik met Administratorrechten. [*:2c74af2e49]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:2c74af2e49] [b:2c74af2e49]ComboFix is opgestart[/b:2c74af2e49]: [list:2c74af2e49][*:2c74af2e49]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"! [*:2c74af2e49]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen! [*:2c74af2e49]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal. [*:2c74af2e49]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken. [*:2c74af2e49]Post de inhoud van dit logbestand in je volgende bericht. [*:2c74af2e49]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:2c74af2e49] [b:2c74af2e49]Belangrijke opmerking[/b:2c74af2e49]: [list:2c74af2e49][*:2c74af2e49][b:2c74af2e49][color=Red:2c74af2e49]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:2c74af2e49][/b:2c74af2e49] [*:2c74af2e49][b:2c74af2e49][color=blue:2c74af2e49]Illegal operation attempted on a registery key that has been marked for deletion.[/color:2c74af2e49][/b:2c74af2e49] [*:2c74af2e49][b:2c74af2e49][color=Red:2c74af2e49]Start dan de computer opnieuw op.[/color:2c74af2e49][/b:2c74af2e49][/list:u:2c74af2e49] [color=#FF0000:2c74af2e49][b:2c74af2e49]Stap •3•[/b:2c74af2e49][/color:2c74af2e49] [b:2c74af2e49]Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:[/b:2c74af2e49] [list:2c74af2e49][*:2c74af2e49] TDSSKiller-log [*:2c74af2e49] ComboFix.txt-log [/list:u:2c74af2e49]
  • 20:12:17.0125 2956 TDSS rootkit removing tool 2.6.15.0 Nov 3 2011 17:15:49 20:12:17.0286 2956 ============================================================ 20:12:17.0286 2956 Current date / time: 2011/11/06 20:12:17.0286 20:12:17.0286 2956 SystemInfo: 20:12:17.0286 2956 20:12:17.0286 2956 OS Version: 6.1.7601 ServicePack: 1.0 20:12:17.0286 2956 Product type: Workstation 20:12:17.0286 2956 ComputerName: GEBRUIK-36J2XF6 20:12:17.0286 2956 UserName: Gebruiker 20:12:17.0286 2956 Windows directory: C:\Windows 20:12:17.0286 2956 System windows directory: C:\Windows 20:12:17.0286 2956 Processor architecture: Intel x86 20:12:17.0286 2956 Number of processors: 2 20:12:17.0286 2956 Page size: 0x1000 20:12:17.0286 2956 Boot type: Normal boot 20:12:17.0286 2956 ============================================================ 20:12:36.0568 2956 Initialize success 20:12:40.0854 5064 ============================================================ 20:12:40.0854 5064 Scan started 20:12:40.0854 5064 Mode: Manual; 20:12:40.0854 5064 ============================================================ 20:12:42.0175 5064 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 20:12:42.0199 5064 1394ohci - ok 20:12:42.0269 5064 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 20:12:42.0274 5064 ACPI - ok 20:12:42.0346 5064 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 20:12:42.0369 5064 AcpiPmi - ok 20:12:42.0495 5064 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 20:12:42.0545 5064 adp94xx - ok 20:12:42.0568 5064 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 20:12:42.0597 5064 adpahci - ok 20:12:42.0624 5064 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 20:12:42.0652 5064 adpu320 - ok 20:12:42.0736 5064 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 20:12:42.0739 5064 AFD - ok 20:12:42.0790 5064 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 20:12:42.0812 5064 agp440 - ok 20:12:42.0829 5064 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 20:12:42.0853 5064 aic78xx - ok 20:12:42.0898 5064 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 20:12:42.0920 5064 aliide - ok 20:12:42.0949 5064 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 20:12:42.0973 5064 amdagp - ok 20:12:43.0025 5064 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 20:12:43.0047 5064 amdide - ok 20:12:43.0102 5064 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 20:12:43.0126 5064 AmdK8 - ok 20:12:43.0177 5064 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 20:12:43.0218 5064 AmdPPM - ok 20:12:43.0271 5064 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 20:12:43.0293 5064 amdsata - ok 20:12:43.0320 5064 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 20:12:43.0349 5064 amdsbs - ok 20:12:43.0411 5064 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 20:12:43.0433 5064 amdxata - ok 20:12:43.0462 5064 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 20:12:43.0504 5064 AppID - ok 20:12:43.0602 5064 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 20:12:43.0627 5064 arc - ok 20:12:43.0704 5064 archlp (707d108a808ba472a90d2b9da54b5725) C:\Windows\system32\drivers\archlp.sys 20:12:43.0715 5064 archlp - ok 20:12:43.0751 5064 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 20:12:43.0775 5064 arcsas - ok 20:12:43.0836 5064 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 20:12:43.0859 5064 AsyncMac - ok 20:12:43.0911 5064 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 20:12:43.0912 5064 atapi - ok 20:12:43.0983 5064 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 20:12:43.0992 5064 b06bdrv - ok 20:12:44.0024 5064 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 20:12:44.0077 5064 b57nd60x - ok 20:12:44.0130 5064 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 20:12:44.0153 5064 Beep - ok 20:12:44.0203 5064 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 20:12:44.0225 5064 blbdrive - ok 20:12:44.0330 5064 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 20:12:44.0352 5064 bowser - ok 20:12:44.0402 5064 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 20:12:44.0405 5064 BrFiltLo - ok 20:12:44.0455 5064 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 20:12:44.0458 5064 BrFiltUp - ok 20:12:44.0491 5064 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 20:12:44.0498 5064 Brserid - ok 20:12:44.0537 5064 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 20:12:44.0541 5064 BrSerWdm - ok 20:12:44.0560 5064 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 20:12:44.0563 5064 BrUsbMdm - ok 20:12:44.0611 5064 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 20:12:44.0614 5064 BrUsbSer - ok 20:12:44.0660 5064 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 20:12:44.0683 5064 BTHMODEM - ok 20:12:44.0730 5064 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 20:12:44.0752 5064 cdfs - ok 20:12:44.0810 5064 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys 20:12:44.0852 5064 cdrom - ok 20:12:44.0881 5064 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 20:12:44.0884 5064 circlass - ok 20:12:44.0915 5064 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 20:12:44.0921 5064 CLFS - ok 20:12:45.0026 5064 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 20:12:45.0047 5064 CmBatt - ok 20:12:45.0098 5064 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 20:12:45.0121 5064 cmdide - ok 20:12:45.0194 5064 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys 20:12:45.0200 5064 CNG - ok 20:12:45.0244 5064 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 20:12:45.0267 5064 Compbatt - ok 20:12:45.0316 5064 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 20:12:45.0319 5064 CompositeBus - ok 20:12:45.0357 5064 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 20:12:45.0380 5064 crcdisk - ok 20:12:45.0437 5064 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys 20:12:45.0460 5064 CSC - ok 20:12:45.0526 5064 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 20:12:45.0548 5064 DfsC - ok 20:12:45.0597 5064 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 20:12:45.0620 5064 discache - ok 20:12:45.0665 5064 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 20:12:45.0687 5064 Disk - ok 20:12:45.0742 5064 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 20:12:45.0764 5064 drmkaud - ok 20:12:45.0859 5064 dtsoftbus01 (555e54ac2f601a8821cef58961653991) C:\Windows\system32\DRIVERS\dtsoftbus01.sys 20:12:45.0861 5064 dtsoftbus01 - ok 20:12:45.0912 5064 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 20:12:46.0061 5064 DXGKrnl - ok 20:12:46.0151 5064 eamonm (73ce42907cf42bfb91bcd27fe7c7a7af) C:\Windows\system32\DRIVERS\eamonm.sys 20:12:46.0155 5064 eamonm - ok 20:12:46.0298 5064 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 20:12:46.0410 5064 ebdrv - ok 20:12:46.0473 5064 ehdrv (7d300a43a7bd8769e0f901bf9e1ae367) C:\Windows\system32\DRIVERS\ehdrv.sys 20:12:46.0501 5064 ehdrv - ok 20:12:46.0610 5064 ElbyCDFL (ce37e3d51912e59c80c6d84337c0b4cd) C:\Windows\system32\Drivers\ElbyCDFL.sys 20:12:46.0627 5064 ElbyCDFL - ok 20:12:46.0679 5064 ElbyCDIO (76cad4f1291990fc47824b845032e997) C:\Windows\system32\Drivers\ElbyCDIO.sys 20:12:46.0703 5064 ElbyCDIO - ok 20:12:46.0791 5064 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 20:12:46.0849 5064 elxstor - ok 20:12:46.0916 5064 epfw (15bfe00f030ea20955117bb0677e9668) C:\Windows\system32\DRIVERS\epfw.sys 20:12:46.0921 5064 epfw - ok 20:12:46.0958 5064 Epfwndis (52310e0e603d7da79ecca7d764937a91) C:\Windows\system32\DRIVERS\Epfwndis.sys 20:12:46.0980 5064 Epfwndis - ok 20:12:47.0051 5064 epfwwfp (235250a79cf1e16a5a42407cfe3f6a4c) C:\Windows\system32\DRIVERS\epfwwfp.sys 20:12:47.0055 5064 epfwwfp - ok 20:12:47.0123 5064 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 20:12:47.0153 5064 ErrDev - ok 20:12:47.0224 5064 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 20:12:47.0250 5064 exfat - ok 20:12:47.0289 5064 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 20:12:47.0312 5064 fastfat - ok 20:12:47.0364 5064 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 20:12:47.0404 5064 fdc - ok 20:12:47.0483 5064 FETNDIS (f5cb6cb6d12f495516be27cffccde4bf) C:\Windows\system32\DRIVERS\fetnd6.sys 20:12:47.0486 5064 FETNDIS - ok 20:12:47.0522 5064 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 20:12:47.0544 5064 FileInfo - ok 20:12:47.0563 5064 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 20:12:47.0586 5064 Filetrace - ok 20:12:47.0621 5064 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 20:12:47.0649 5064 flpydisk - ok 20:12:47.0694 5064 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 20:12:47.0718 5064 FltMgr - ok 20:12:47.0759 5064 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 20:12:47.0782 5064 FsDepends - ok 20:12:47.0807 5064 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 20:12:47.0830 5064 Fs_Rec - ok 20:12:47.0866 5064 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 20:12:47.0913 5064 fvevol - ok 20:12:47.0941 5064 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 20:12:47.0963 5064 gagp30kx - ok 20:12:48.0018 5064 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 20:12:48.0024 5064 GEARAspiWDM - ok 20:12:48.0099 5064 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 20:12:48.0121 5064 hcw85cir - ok 20:12:48.0201 5064 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 20:12:48.0262 5064 HdAudAddService - ok 20:12:48.0309 5064 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 20:12:48.0310 5064 HDAudBus - ok 20:12:48.0366 5064 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 20:12:48.0387 5064 HidBatt - ok 20:12:48.0411 5064 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 20:12:48.0434 5064 HidBth - ok 20:12:48.0488 5064 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 20:12:48.0509 5064 HidIr - ok 20:12:48.0566 5064 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys 20:12:48.0589 5064 HidUsb - ok 20:12:48.0656 5064 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 20:12:48.0698 5064 HpSAMD - ok 20:12:48.0759 5064 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 20:12:48.0764 5064 HTTP - ok 20:12:48.0823 5064 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 20:12:48.0824 5064 hwpolicy - ok 20:12:48.0874 5064 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 20:12:48.0897 5064 i8042prt - ok 20:12:48.0967 5064 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 20:12:48.0992 5064 iaStorV - ok 20:12:49.0026 5064 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 20:12:49.0048 5064 iirsp - ok 20:12:49.0182 5064 IntcAzAudAddService (aee99ecf06cd1cea95816ccb5bf73ec8) C:\Windows\system32\drivers\RTKVHDA.sys 20:12:49.0227 5064 IntcAzAudAddService - ok 20:12:49.0291 5064 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 20:12:49.0313 5064 intelide - ok 20:12:49.0378 5064 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 20:12:49.0379 5064 intelppm - ok 20:12:49.0425 5064 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:12:49.0447 5064 IpFilterDriver - ok 20:12:49.0502 5064 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 20:12:49.0525 5064 IPMIDRV - ok 20:12:49.0577 5064 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 20:12:49.0620 5064 IPNAT - ok 20:12:49.0707 5064 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 20:12:49.0728 5064 IRENUM - ok 20:12:49.0779 5064 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 20:12:49.0819 5064 isapnp - ok 20:12:49.0852 5064 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 20:12:49.0880 5064 iScsiPrt - ok 20:12:49.0935 5064 ISODrive (2f03ceb28307983f3b36216d35ffa5aa) C:\Program Files\UltraISO\drivers\ISODrive.sys 20:12:49.0958 5064 ISODrive - ok 20:12:50.0022 5064 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 20:12:50.0047 5064 kbdclass - ok 20:12:50.0075 5064 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys 20:12:50.0098 5064 kbdhid - ok 20:12:50.0135 5064 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys 20:12:50.0139 5064 KSecDD - ok 20:12:50.0183 5064 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys 20:12:50.0206 5064 KSecPkg - ok 20:12:50.0290 5064 LHidFilt (b68309f25c5787385da842eb5b496958) C:\Windows\system32\DRIVERS\LHidFilt.Sys 20:12:50.0292 5064 LHidFilt - ok 20:12:50.0381 5064 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 20:12:50.0404 5064 lltdio - ok 20:12:50.0449 5064 LMouFilt (63d3b1d3cd267fcc186a0146b80d453b) C:\Windows\system32\DRIVERS\LMouFilt.Sys 20:12:50.0452 5064 LMouFilt - ok 20:12:50.0490 5064 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 20:12:50.0512 5064 LSI_FC - ok 20:12:50.0550 5064 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 20:12:50.0574 5064 LSI_SAS - ok 20:12:50.0628 5064 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 20:12:50.0671 5064 LSI_SAS2 - ok 20:12:50.0733 5064 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 20:12:50.0760 5064 LSI_SCSI - ok 20:12:50.0800 5064 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 20:12:50.0824 5064 luafv - ok 20:12:50.0898 5064 LUsbFilt (0c62957912d4df1e4ba9795e6be3ed38) C:\Windows\system32\Drivers\LUsbFilt.Sys 20:12:50.0916 5064 LUsbFilt - ok 20:12:50.0999 5064 MBAMSwissArmy - ok 20:12:51.0050 5064 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 20:12:51.0091 5064 megasas - ok 20:12:51.0135 5064 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 20:12:51.0164 5064 MegaSR - ok 20:12:51.0250 5064 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 20:12:51.0271 5064 Modem - ok 20:12:51.0315 5064 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 20:12:51.0316 5064 monitor - ok 20:12:51.0380 5064 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 20:12:51.0405 5064 mouclass - ok 20:12:51.0430 5064 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 20:12:51.0453 5064 mouhid - ok 20:12:51.0500 5064 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 20:12:51.0501 5064 mountmgr - ok 20:12:51.0559 5064 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 20:12:51.0602 5064 mpio - ok 20:12:51.0657 5064 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 20:12:51.0680 5064 mpsdrv - ok 20:12:51.0746 5064 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 20:12:51.0769 5064 MRxDAV - ok 20:12:51.0803 5064 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 20:12:51.0828 5064 mrxsmb - ok 20:12:51.0860 5064 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:12:51.0883 5064 mrxsmb10 - ok 20:12:51.0927 5064 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:12:51.0950 5064 mrxsmb20 - ok 20:12:52.0003 5064 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 20:12:52.0026 5064 msahci - ok 20:12:52.0060 5064 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 20:12:52.0084 5064 msdsm - ok 20:12:52.0178 5064 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 20:12:52.0200 5064 Msfs - ok 20:12:52.0231 5064 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 20:12:52.0250 5064 mshidkmdf - ok 20:12:52.0311 5064 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 20:12:52.0333 5064 msisadrv - ok 20:12:52.0396 5064 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 20:12:52.0411 5064 MSKSSRV - ok 20:12:52.0457 5064 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 20:12:52.0476 5064 MSPCLOCK - ok 20:12:52.0503 5064 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 20:12:52.0507 5064 MSPQM - ok 20:12:52.0528 5064 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 20:12:52.0532 5064 MsRPC - ok 20:12:52.0583 5064 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 20:12:52.0605 5064 mssmbios - ok 20:12:52.0671 5064 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 20:12:52.0690 5064 MSTEE - ok 20:12:52.0749 5064 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 20:12:52.0770 5064 MTConfig - ok 20:12:52.0825 5064 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 20:12:52.0828 5064 Mup - ok 20:12:52.0876 5064 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 20:12:52.0911 5064 NativeWifiP - ok 20:12:52.0979 5064 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 20:12:52.0985 5064 NDIS - ok 20:12:53.0024 5064 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 20:12:53.0045 5064 NdisCap - ok 20:12:53.0089 5064 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 20:12:53.0092 5064 NdisTapi - ok 20:12:53.0142 5064 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 20:12:53.0164 5064 Ndisuio - ok 20:12:53.0192 5064 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 20:12:53.0214 5064 NdisWan - ok 20:12:53.0236 5064 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 20:12:53.0277 5064 NDProxy - ok 20:12:53.0363 5064 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 20:12:53.0397 5064 NetBIOS - ok 20:12:53.0465 5064 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 20:12:53.0489 5064 NetBT - ok 20:12:53.0599 5064 netr73 (76b1157ef850830c5ece61d3e591ca8b) C:\Windows\system32\DRIVERS\netr73.sys 20:12:53.0625 5064 netr73 - ok 20:12:53.0688 5064 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 20:12:53.0717 5064 nfrd960 - ok 20:12:53.0739 5064 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 20:12:53.0761 5064 Npfs - ok 20:12:53.0791 5064 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 20:12:53.0791 5064 nsiproxy - ok 20:12:53.0876 5064 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 20:12:53.0908 5064 Ntfs - ok 20:12:53.0943 5064 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 20:12:53.0964 5064 Null - ok 20:12:54.0279 5064 nvlddmkm (c8cb6135884cbc2a10225c4c3cef0f95) C:\Windows\system32\DRIVERS\nvlddmkm.sys 20:12:54.0450 5064 nvlddmkm - ok 20:12:54.0521 5064 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 20:12:54.0544 5064 nvraid - ok 20:12:54.0569 5064 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 20:12:54.0613 5064 nvstor - ok 20:12:54.0706 5064 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 20:12:54.0729 5064 nv_agp - ok 20:12:54.0791 5064 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 20:12:54.0795 5064 ohci1394 - ok 20:12:54.0937 5064 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 20:12:54.0959 5064 Parport - ok 20:12:55.0019 5064 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 20:12:55.0041 5064 partmgr - ok 20:12:55.0099 5064 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 20:12:55.0121 5064 Parvdm - ok 20:12:55.0179 5064 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 20:12:55.0203 5064 pci - ok 20:12:55.0245 5064 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 20:12:55.0267 5064 pciide - ok 20:12:55.0301 5064 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 20:12:55.0332 5064 pcmcia - ok 20:12:55.0387 5064 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 20:12:55.0410 5064 pcw - ok 20:12:55.0462 5064 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 20:12:55.0473 5064 PEAUTH - ok 20:12:55.0597 5064 Ph3xIB32 (8b7aec0aba77de5d2feac1824c15a3fa) C:\Windows\system32\DRIVERS\Ph3xIB32.sys 20:12:55.0649 5064 Ph3xIB32 - ok 20:12:55.0733 5064 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 20:12:55.0756 5064 PptpMiniport - ok 20:12:55.0806 5064 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 20:12:55.0830 5064 Processor - ok 20:12:55.0900 5064 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 20:12:55.0901 5064 Psched - ok 20:12:55.0965 5064 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 20:12:56.0024 5064 ql2300 - ok 20:12:56.0085 5064 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 20:12:56.0109 5064 ql40xx - ok 20:12:56.0152 5064 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 20:12:56.0174 5064 QWAVEdrv - ok 20:12:56.0234 5064 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 20:12:56.0256 5064 RasAcd - ok 20:12:56.0295 5064 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 20:12:56.0318 5064 RasAgileVpn - ok 20:12:56.0365 5064 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 20:12:56.0393 5064 Rasl2tp - ok 20:12:56.0449 5064 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 20:12:56.0473 5064 RasPppoe - ok 20:12:56.0523 5064 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 20:12:56.0548 5064 RasSstp - ok 20:12:56.0621 5064 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 20:12:56.0666 5064 rdbss - ok 20:12:56.0702 5064 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 20:12:56.0727 5064 rdpbus - ok 20:12:56.0781 5064 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 20:12:56.0782 5064 RDPCDD - ok 20:12:56.0837 5064 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 20:12:56.0840 5064 RDPDR - ok 20:12:56.0856 5064 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 20:12:56.0858 5064 RDPENCDD - ok 20:12:56.0876 5064 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 20:12:56.0905 5064 RDPREFMP - ok 20:12:56.0990 5064 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys 20:12:57.0012 5064 RdpVideoMiniport - ok 20:12:57.0066 5064 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 20:12:57.0090 5064 RDPWD - ok 20:12:57.0157 5064 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 20:12:57.0180 5064 rdyboost - ok 20:12:57.0300 5064 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 20:12:57.0342 5064 rspndr - ok 20:12:57.0403 5064 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 20:12:57.0425 5064 s3cap - ok 20:12:57.0504 5064 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 20:12:57.0526 5064 SASDIFSV - ok 20:12:57.0555 5064 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 20:12:57.0597 5064 SASKUTIL - ok 20:12:57.0666 5064 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 20:12:57.0688 5064 sbp2port - ok 20:12:57.0729 5064 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 20:12:57.0735 5064 scfilter - ok 20:12:57.0786 5064 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 20:12:57.0808 5064 secdrv - ok 20:12:57.0875 5064 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 20:12:57.0898 5064 Serenum - ok 20:12:57.0942 5064 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 20:12:57.0964 5064 Serial - ok 20:12:58.0023 5064 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 20:12:58.0044 5064 sermouse - ok 20:12:58.0121 5064 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 20:12:58.0142 5064 sffdisk - ok 20:12:58.0166 5064 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 20:12:58.0189 5064 sffp_mmc - ok 20:12:58.0265 5064 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 20:12:58.0287 5064 sffp_sd - ok 20:12:58.0339 5064 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 20:12:58.0362 5064 sfloppy - ok 20:12:58.0432 5064 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 20:12:58.0457 5064 sisagp - ok 20:12:58.0517 5064 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 20:12:58.0557 5064 SiSRaid2 - ok 20:12:58.0605 5064 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 20:12:58.0650 5064 SiSRaid4 - ok 20:12:58.0688 5064 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 20:12:58.0712 5064 Smb - ok 20:12:58.0805 5064 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 20:12:58.0809 5064 spldr - ok 20:12:58.0874 5064 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys 20:12:58.0874 5064 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505 20:12:58.0876 5064 sptd ( LockedFile.Multi.Generic ) - warning 20:12:58.0877 5064 sptd - detected LockedFile.Multi.Generic (1) 20:12:58.0927 5064 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 20:12:58.0951 5064 srv - ok 20:12:59.0008 5064 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 20:12:59.0033 5064 srv2 - ok 20:12:59.0093 5064 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 20:12:59.0135 5064 srvnet - ok 20:12:59.0201 5064 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 20:12:59.0222 5064 stexstor - ok 20:12:59.0289 5064 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 20:12:59.0311 5064 storflt - ok 20:12:59.0351 5064 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 20:12:59.0374 5064 storvsc - ok 20:12:59.0410 5064 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 20:12:59.0414 5064 swenum - ok 20:12:59.0455 5064 Synth3dVsc - ok 20:12:59.0555 5064 Tcpip (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\drivers\tcpip.sys 20:12:59.0587 5064 Tcpip - ok 20:12:59.0637 5064 TCPIP6 (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\DRIVERS\tcpip.sys 20:12:59.0647 5064 TCPIP6 - ok 20:12:59.0702 5064 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 20:12:59.0744 5064 tcpipreg - ok 20:12:59.0798 5064 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 20:12:59.0820 5064 TDPIPE - ok 20:12:59.0851 5064 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 20:12:59.0875 5064 TDTCP - ok 20:12:59.0922 5064 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 20:12:59.0964 5064 tdx - ok 20:13:00.0032 5064 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 20:13:00.0055 5064 TermDD - ok 20:13:00.0140 5064 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 20:13:00.0201 5064 tssecsrv - ok 20:13:00.0266 5064 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 20:13:00.0291 5064 TsUsbFlt - ok 20:13:00.0312 5064 tsusbhub - ok 20:13:00.0347 5064 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 20:13:00.0372 5064 tunnel - ok 20:13:00.0422 5064 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 20:13:00.0447 5064 uagp35 - ok 20:13:00.0497 5064 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 20:13:00.0539 5064 udfs - ok 20:13:00.0589 5064 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 20:13:00.0614 5064 uliagpkx - ok 20:13:00.0652 5064 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys 20:13:00.0674 5064 umbus - ok 20:13:00.0713 5064 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 20:13:00.0736 5064 UmPass - ok 20:13:00.0800 5064 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Program Files\Unlocker\UnlockerDriver5.sys 20:13:00.0803 5064 UnlockerDriver5 - ok 20:13:00.0862 5064 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 20:13:00.0904 5064 usbccgp - ok 20:13:00.0948 5064 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 20:13:00.0975 5064 usbcir - ok 20:13:01.0004 5064 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 20:13:01.0027 5064 usbehci - ok 20:13:01.0107 5064 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 20:13:01.0131 5064 usbhub - ok 20:13:01.0190 5064 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys 20:13:01.0211 5064 usbohci - ok 20:13:01.0267 5064 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 20:13:01.0291 5064 usbprint - ok 20:13:01.0334 5064 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 20:13:01.0357 5064 usbscan - ok 20:13:01.0411 5064 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:13:01.0413 5064 USBSTOR - ok 20:13:01.0446 5064 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys 20:13:01.0467 5064 usbuhci - ok 20:13:01.0540 5064 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 20:13:01.0562 5064 vdrvroot - ok 20:13:01.0602 5064 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 20:13:01.0625 5064 vga - ok 20:13:01.0675 5064 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 20:13:01.0716 5064 VgaSave - ok 20:13:01.0746 5064 VGPU - ok 20:13:01.0793 5064 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 20:13:01.0817 5064 vhdmp - ok 20:13:01.0851 5064 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 20:13:01.0875 5064 viaagp - ok 20:13:01.0952 5064 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 20:13:01.0976 5064 ViaC7 - ok 20:13:02.0040 5064 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 20:13:02.0061 5064 viaide - ok 20:13:02.0112 5064 videX32 (c147afa614b9925479d47cd173329789) C:\Windows\system32\DRIVERS\videX32.sys 20:13:02.0141 5064 videX32 - ok 20:13:02.0185 5064 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 20:13:02.0190 5064 vmbus - ok 20:13:02.0227 5064 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys 20:13:02.0230 5064 VMBusHID - ok 20:13:02.0260 5064 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 20:13:02.0303 5064 volmgr - ok 20:13:02.0339 5064 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 20:13:02.0344 5064 volmgrx - ok 20:13:02.0385 5064 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 20:13:02.0428 5064 volsnap - ok 20:13:02.0455 5064 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 20:13:02.0479 5064 vsmraid - ok 20:13:02.0534 5064 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys 20:13:02.0556 5064 vwifibus - ok 20:13:02.0597 5064 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys 20:13:02.0638 5064 vwififlt - ok 20:13:02.0700 5064 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 20:13:02.0723 5064 WacomPen - ok 20:13:02.0785 5064 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 20:13:02.0809 5064 WANARP - ok 20:13:02.0815 5064 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 20:13:02.0816 5064 Wanarpv6 - ok 20:13:02.0992 5064 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 20:13:03.0013 5064 Wd - ok 20:13:03.0041 5064 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 20:13:03.0091 5064 Wdf01000 - ok 20:13:03.0152 5064 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 20:13:03.0173 5064 WfpLwf - ok 20:13:03.0228 5064 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 20:13:03.0251 5064 WIMMount - ok 20:13:03.0351 5064 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 20:13:03.0355 5064 WinUsb - ok 20:13:03.0424 5064 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 20:13:03.0446 5064 WmiAcpi - ok 20:13:03.0517 5064 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 20:13:03.0539 5064 ws2ifsl - ok 20:13:03.0597 5064 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 20:13:03.0621 5064 WudfPf - ok 20:13:03.0659 5064 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 20:13:03.0664 5064 WUDFRd - ok 20:13:03.0730 5064 xfilt (c7f0d7aa3a3c2df333afdd593106f39f) C:\Windows\system32\DRIVERS\xfilt.sys 20:13:03.0753 5064 xfilt - ok 20:13:03.0818 5064 XUIF (6bbf7a3bab8ffdccf82057fa2aae2b7b) C:\Windows\system32\Drivers\x10ufx2.sys 20:13:03.0820 5064 XUIF - ok 20:13:03.0920 5064 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74ec37b9eaf9fca015b933a526825c7a) C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl 20:13:03.0923 5064 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok 20:13:03.0946 5064 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 20:13:03.0953 5064 \Device\Harddisk0\DR0 - ok 20:13:03.0959 5064 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk4\DR4 20:13:04.0098 5064 \Device\Harddisk4\DR4 - ok 20:13:04.0113 5064 Boot (0x1200) (0d53535c14b6f9f18c24201a2884c83d) \Device\Harddisk0\DR0\Partition0 20:13:04.0114 5064 \Device\Harddisk0\DR0\Partition0 - ok 20:13:04.0135 5064 Boot (0x1200) (e66fcca18e84f6e8501daba72b77a7ad) \Device\Harddisk0\DR0\Partition1 20:13:04.0136 5064 \Device\Harddisk0\DR0\Partition1 - ok 20:13:04.0146 5064 Boot (0x1200) (b8324f290a9f476416fe6a66384967db) \Device\Harddisk4\DR4\Partition0 20:13:04.0149 5064 \Device\Harddisk4\DR4\Partition0 - ok 20:13:04.0149 5064 ============================================================ 20:13:04.0149 5064 Scan finished 20:13:04.0149 5064 ============================================================ 20:13:04.0169 5832 Detected object count: 1 20:13:04.0169 5832 Actual detected object count: 1 20:14:36.0592 5832 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine 20:14:36.0727 5832 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine 20:14:44.0455 4076 Deinitialize success
  • ComboFix 11-11-06.02 - Gebruiker 06-11-2011 20:45:08.1.2 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.2046.1057 [GMT 1:00] Gestart vanuit: c:\users\Gebruiker\Downloads\ComboFix.exe AV: ESET Smart Security 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} FW: ESET Persoonlijke firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA} SP: ESET Smart Security 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Autorun.inf c:\program files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml c:\programdata\Microsoft\Windows\Start Menu\Programs\Uninstall.lnk C:\setup.exe c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\w1dmsnvf.default\searchplugins\SearchquWebSearch.xml c:\windows\system32\Thumbs.db J:\autorun.inf . . (((((((((((((((((((( Bestanden Gemaakt van 2011-10-06 to 2011-11-06 )))))))))))))))))))))))))))))) . . 2011-11-06 19:14 . 2011-11-06 19:16 -------- d-----w- C:\TDSSKiller_Quarantine 2011-11-06 18:04 . 2011-11-06 18:04 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Malwarebytes 2011-11-06 18:03 . 2011-11-06 18:03 -------- d-----w- c:\programdata\Malwarebytes 2011-11-06 18:03 . 2011-11-06 18:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-11-06 18:03 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-06 17:36 . 2011-11-06 17:36 388096 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-11-06 17:36 . 2011-11-06 17:36 -------- d-----w- c:\program files\Trend Micro 2011-11-04 23:21 . 2011-11-04 23:21 -------- d-----w- c:\windows\system32\wbem\en-US 2011-11-04 23:19 . 2011-11-04 23:19 -------- d--h--w- c:\windows\msdownld.tmp 2011-11-04 22:23 . 2011-10-18 01:28 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{47FE1880-CF31-4BD5-93C3-799E7C369611}\mpengine.dll 2011-10-30 21:02 . 2011-05-24 18:14 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-10-24 12:10 . 2011-10-24 12:10 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2011-10-24 12:07 . 2010-12-21 06:01 56600 ----a-w- c:\windows\system32\pxc40pm.dll 2011-10-24 12:07 . 2011-10-24 12:07 -------- d-----w- c:\program files\Tracker Software 2011-10-23 17:48 . 2011-10-23 17:48 -------- d-----w- c:\program files\Common Files\Java 2011-10-17 15:21 . 2011-10-17 15:21 -------- d-----w- c:\users\Gebruiker\AppData\Local\Windows Live Writer 2011-10-17 15:21 . 2011-10-17 15:21 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Windows Live Writer 2011-10-13 10:31 . 2011-10-13 10:31 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\URSoft 2011-10-13 10:31 . 2011-10-13 10:31 -------- d-----w- c:\program files\Your Uninstaller 2010 By MMZahyan 2011-10-12 10:01 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll 2011-10-12 10:01 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax 2011-10-12 10:01 . 2011-09-06 02:28 2334720 ----a-w- c:\windows\system32\win32k.sys 2011-10-12 10:01 . 2011-08-27 04:26 571904 ----a-w- c:\windows\system32\oleaut32.dll 2011-10-12 10:01 . 2011-08-27 04:26 233472 ----a-w- c:\windows\system32\oleacc.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-02 21:44 . 2011-05-22 12:30 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-10-03 03:06 . 2010-08-29 18:31 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-09-05 17:05 . 2011-09-05 17:05 47512 ----a-w- c:\windows\system32\AdobePDF.dll 2011-09-05 17:04 . 2011-09-05 17:04 22936 ----a-w- c:\windows\system32\AdobePDFUI.dll 2011-10-28 15:23 . 2011-03-31 17:24 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2010-10-31 14:48 2048 --sha-w- c:\windows\actofvl\clip.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "RegClean Expert Scheduler"="c:\program files\Registry Clean Expert\RCHelper.exe" [2009-11-09 605944] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2011-09-06 366024] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-22 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-07-28 9398888] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-08-12 2215064] "KPN"="c:\program files\KPN\bin\sprtcmd.exe" [2008-06-06 198184] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-25 2781000] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-20 107816] "RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336] "BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-11-17 75048] "UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2010-09-17 222504] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MusicFrost.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\MusicFrost.lnk backup=c:\windows\pss\MusicFrost.lnkCommon Startup . [HKLM\~\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk] path=c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk backup=c:\windows\pss\LimeWire On Startup.lnkStartup . [HKLM\~\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Schermopname en Snel starten.lnk] path=c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk backup=c:\windows\pss\OneNote 2010 Schermopname en Snel starten.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter] 2009-03-24 02:00 1983816 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu] 2009-03-18 01:40 767312 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray] 2009-01-29 22:20 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-04-14 09:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2010-08-16 11:45 2736128 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe . R2 CLKMSVC10_CDD7036C;CyberLink Product - 2011/06/06 22:16;c:\program files\CyberLink\PowerProducer\BDSDK\NavFilter\kmsvc.exe [2010-11-09 246256] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-22 135664] R3 c2wts;Claims voor Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [2010-02-03 13080] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-22 135664] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-22 691696] S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [2010-07-07 65720] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-05 218688] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632] S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144] S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336] S2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [2011-01-25 2398536] S2 sprtsvc_KPN;SupportSoft Sprocket Service (KPN);c:\program files\KPN\bin\sprtsvc.exe [2008-06-06 202016] S3 netr73;Stuurprogramma voor RT73 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792] S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [2009-07-13 1311232] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - 05002196 *NewlyCreated* - 33074235 *NewlyCreated* - 94163834 *Deregistered* - 05002196 *Deregistered* - 33074235 *Deregistered* - 94163834 *Deregistered* - CLKMDRV10_CDD7036C . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-08-16 11:43 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2011-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-22 18:47] . 2011-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-22 18:47] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.startpagina.nl/ uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.1.254 FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\w1dmsnvf.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/ FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&q= . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) MSConfigStartUp-FTD Watchdog Monitor - c:\program files\FTD Watchdog\FtdMonitor.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.032" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.abr" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.ani" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.apd" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.arw" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.bay" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.bmp" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.bw" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.bwf" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.caf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.caf" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.cel" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.cr2" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.crw" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.cs1" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.cur" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.dcr" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.dcx" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.dib" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.djv" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.djvu" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.dng" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.emf" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.eps" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.erf" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.fff" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.fpx" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.gif" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gsm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.gsm" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.hdr" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.icl" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.icn" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.iff" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.ilbm" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.int" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.inta" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.iw4" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.j2c" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.j2k" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jbr" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.jfif" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jif" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jp2" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jpc" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.jpe" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.jpeg" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.jpg" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jpk" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.jpx" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.kar" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.kdc" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.lbm" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.m15" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.m1a" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.m2a" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.m75" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.mef" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.mos" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.mpv" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.mrw" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.nef" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.nrw" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.orf" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pbm" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pbr" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pcd" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pct" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pcx" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.pef" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pgm" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pic" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pics" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pict" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pix" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.png" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.ppm" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.psd" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.psp" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pspbrush" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.pspimage" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.qcp" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.qtpf" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.raf" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.ras" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.raw" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.rgb" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.rgba" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.rle" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.rsb" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.rw2" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.rwl" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.sdv" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.sfil" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.sgi" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.smf" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.sml" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.sr2" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.srf" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.swa" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.tga" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.thm" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.tif" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) @Denied: (2) (S-1-5-21-2929843103-4053892530-2965582019-1000) "Progid"="ACDSee Pro 3.tiff" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.ttc" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.ttf" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.ulw" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.vfw" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.wbm" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.wbmp" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.wmf" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.xbm" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.xif" . [HKEY_USERS\S-1-5-21-2929843103-4053892530-2965582019-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Pro 3.xpm" . [HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info] @Denied: (2) (LocalSystem) "AppDataDir"="c:\\ProgramData\\ESET\\ESET Smart Security\\" "DataDir"="ESET\\ESET Smart Security\\" "EditionName"=" " "InstallDir"="c:\\Program Files\\ESET\\ESET Smart Security\\" "LanguageId"=dword:00000413 "PackageTag"=dword:6090e758 "ProductBase"=dword:00000001 "ProductCode"="{A48A3613-6E21-4559-9A48-629FF706B0B6}" "ProductName"="ESET Smart Security" "ProductType"="ess" "ProductVersion"="4.2.64.12" "UniqueId"="00574A314C71610A" "ScannerBuild"=dword:00001dd3 "ScannerVersionId"=dword:000014f0 "ScannerVersion"="Locked/open ESET for status." "ei2"=hex(b):7d,0c,04,20,62,05,37,11 "ei1"=hex(b):00,16,17,e3,df,60,00,00 "ei3"=hex(b):a8,47,9c,4e,00,00,00,00 "ei4"=dword:00000001 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-11-06 20:55:55 ComboFix-quarantined-files.txt 2011-11-06 19:55 . Pre-Run: 164.176.728.064 bytes beschikbaar Post-Run: 164.297.293.824 bytes beschikbaar . - - End Of File - - E6D4CCA3AE705667CCCC870BDEF62A7C
  • Tot nu toe geen tekst meer Voorzichtig hoera :wink:
  • In Fire fox geen stem alleen bij i.e.9 Lijkt daar dus ergens te huizen ,heb i.e.9 al een keer verwijderd maar mocht niet baten. gr jan :roll:
  • Hoi, J: is een USB-stick? Download de [b:9a5d9eb00d][url=http://download11.emsisoft.com/EmsisoftEmergencyKit.zip][color=#FF0000:9a5d9eb00d]Emsisoft Emergency Kit[/color:9a5d9eb00d][/url][/b:9a5d9eb00d] naar het bureaublad en pak het [b:9a5d9eb00d]ZIP[/b:9a5d9eb00d] bestand uit. [list:9a5d9eb00d] [*:9a5d9eb00d] Open de map "[b:9a5d9eb00d]EmsisoftEmergencyKit[/b:9a5d9eb00d]" en dubbelklik op "[b:9a5d9eb00d]Start.exe[/b:9a5d9eb00d]" [*:9a5d9eb00d] Klik nu op "[b:9a5d9eb00d]Emergency Kit Scanner[/b:9a5d9eb00d]" u krijg nu een melding dat het is aanbevolen om eerst te updaten sta dit toe door te klikken op "[b:9a5d9eb00d]Ja[/b:9a5d9eb00d]" [img:9a5d9eb00d]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK11.jpg[/img:9a5d9eb00d] [*:9a5d9eb00d] Als de update gereed is en de melding "[b:9a5d9eb00d]Update process is succesvol afgerond[/b:9a5d9eb00d]" verschijnt klikt u op "[b:9a5d9eb00d]menu[/b:9a5d9eb00d]" en dan op "[b:9a5d9eb00d]Scan PC[/b:9a5d9eb00d]" [*:9a5d9eb00d] Selecteer de optie "[b:9a5d9eb00d]Diep[/b:9a5d9eb00d]" als deze niet standaard al zo is ingesteld. [*:9a5d9eb00d] Klik Nu op de knop "[b:9a5d9eb00d]Scan[/b:9a5d9eb00d]" en doe verder niets op de computer tijdens het scannen, deze scan kan een geruime tijd in beslag nemen dus wacht dit geduldig af. [*:9a5d9eb00d] Het venster met de waarschuwing over een verhoogd risico kunt u sluiten als de scan gereed is. [*:9a5d9eb00d] Zorg ervoor dat alle gevonden items zijn aangevinkt en druk dan op de knop "[b:9a5d9eb00d]verwijder geselecteerde[/b:9a5d9eb00d]" u zal nu de volgende melding krijgen maar klik hier op "[b:9a5d9eb00d]Ja[/b:9a5d9eb00d]" [img:9a5d9eb00d]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK2.jpg[/img:9a5d9eb00d] [*:9a5d9eb00d] Als het verwijderen gereed is klikt u op de knop "[b:9a5d9eb00d]View report[/b:9a5d9eb00d]" en selecteert u het tekstbestand van deze scan met de naam zoals: [b:9a5d9eb00d]a2scan_110730-111615.txt[/b:9a5d9eb00d] [*:9a5d9eb00d] Plaats de inhoud van dit LOG bestand straks in uw volgende bericht. [*:9a5d9eb00d] Herstart nu de computer.[/list:u:9a5d9eb00d]
  • Hoi Abraham. Ik ga morgen verder i.v.m. de tijd ,morgen weer om 5.30 van huis. Moet zo naar bed. Morgen meer. bedankt zo ver

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.