Open port 53.. Just a check

47 replies
  • You used an old version of HijackThis! And those missing files appear because HijackThis still cannot handle 64-bit Windows properly!

    I would like you to follow the rules below during the fix:
      - Read all instructions carefully.
      - If you make mistakes when running tools during the fix, that can cause serious problems in Windows.
      - Refrain from using tools or updates other than those I advise you to use.
      - Always use one scanner at a time, never several at once.
      - Keep me informed of how your computer responds to the fix, good or bad.
      - Once started, the fix must be completed. Even if you think everything is fine, there may still be infections.

    Step 1
    Which program: Trend Micro HijackThis version 2.0.4
    What for / why: produces a clear overview of Windows by means of a scan.
    Difficulty: none; only Vista and Windows 7 users need to pay a little extra attention.
    Download the HijackThis Installer: http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi
    Installation:
      - Install HijackThis in the location indicated; this prevents any backups from becoming impossible to find!
    Users of Windows Vista and Windows 7 then go to the HijackThis installation location.
      - Right-click "hijackthis.exe" and choose "Properties".
      - Click the "Compatibility" tab and tick "Run as administrator".
      - Finally, click Apply and OK.
    Using HijackThis:
      - First close all open programs and web browsers.
      - Now start 'HijackThis' and click the button 'Do a system scan and save a logfile'.
          - If HijackThis starts up showing the scan window, first click the 'Main Menu' button.
      - Now close all open windows, then start 'HijackThis' and choose 'Do a system scan and save a logfile'.
      - Copy and paste the contents of the HijackThis log file into your next post.
      - After that you can close HijackThis again.

    Step 2
    Which program: Malwarebytes MBAM
    What for / why: specialised scanner to quickly examine Windows for spyware and malware and remove it.
    Difficulty: none.
    Download Malwarebytes MBAM from one of these locations:
      - Download.com: http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?
      - Softpedia.com: http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s
      - Majorgeeks.com: http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
    First of all:
      - Right after installation 'MBAM' will want to update its database; allow this.
      - Also on repeated use: first update 'MBAM' via the 'Update' tab!
    Starting Malwarebytes MBAM:
    Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
    Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and choosing Run as administrator.
      - Note:
          - Malwarebytes now supplies the full version of MBAM.
          - On first start you are given the choice of using the full version or the free version.
          - Regardless of which antivirus program is in your Windows, I advise choosing the "Decline" option.
          - That way MBAM will remain usable as the free version.
    Screenshot: http://img30.imageshack.us/img30/3928/mbam2.png
      - Also do the following:
          - Once the program has started, go to the "Settings" tab.
          - Tick here: "Close Internet Explorer during malware removal".
    Scanning:
      - When 'MBAM' starts, choose 'Quick Scan'.
      - Scanning can take a while, so be patient. When the scan has finished, click the 'OK' button.
      - Then click the 'Show Results' button to see the results.
    Infections found:
      - First click OK to dismiss the message.
      - Then click the Show Results button at the bottom right.
      - Make sure all infections found are ticked, and click Remove Selected at the bottom left.
      - After removal a log will open and you will be asked to restart the computer.
      - If 'MBAM' has difficulty removing certain files it will show a few messages; click 'OK' each time!
      - After that 'MBAM' will ask to restart the computer, so allow the computer to restart.
    MBAM log:
      - The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logs' tab in the MBAM main menu.
    Then post the contents of the MBAM log in your next post.

    Step 3
    To summarise: after this, post the contents of the following logs in your next post:
      - a HijackThis log
      - the MBAM scan log
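The remark above that HijackThis reports missing files on 64-bit Windows can be checked mechanically on a saved log. This is an added example, not part of the thread or of HijackThis: it assumes the cause is WOW64 file-system redirection (HijackThis 2.0.4 as a 32-bit process asking for System32 is served SysWOW64), assumes Windows is installed in C:\Windows, and uses a constructed sample log with hypothetical function names.

```python
import re

# Constructed sample in HijackThis 2.0.4 log format; vendor name and GUID are placeholders.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4
Platform: Windows 7 SP1 (WinNT 6.00.3505)
Running processes:
C:\Windows\SysWOW64\rundll32.exe
O2 - BHO: Example Toolbar BHO - {00000000-0000-0000-0000-000000000000} - C:\Program Files\Example Vendor\ToolbarIE.dll (file missing)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Example Spool Helper - Unknown owner - C:\Windows\System32\spool\drivers\helper.exe (file missing)
"""

ENTRY = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")  # e.g. "O23 - ..."
DRIVE = re.compile(r"[A-Za-z]:\\")                                  # start of a drive path
MISSING = " (file missing)"

# System32 sub-directories that Windows exempts from WOW64 redirection.
EXEMPT = ("catroot", "catroot2", "driverstore", r"drivers\etc", "logfiles", "spool")

ARTIFACT = "redirection-artifact"   # 64-bit file is probably present; the 32-bit view hides it
VERIFY = "verify-on-disk"           # path is not redirected; check it with a 64-bit tool


def is_64bit_windows(log):
    """Heuristic: these paths only exist on 64-bit Windows."""
    low = log.lower()
    return "program files (x86)" in low or "\\syswow64\\" in low


def missing_path(body):
    """Return the file path of a '(file missing)' entry, or None for other entries."""
    if not body.endswith(MISSING):
        return None
    text = body[: -len(MISSING)]
    starts = [m.start() for m in DRIVE.finditer(text)]
    # The last drive-letter path is the target, even if the path itself contains " - ".
    return text[starts[-1]:].strip().strip('"') if starts else None


def redirected(path):
    """True if a 32-bit process would be redirected away from this path."""
    m = re.match(r"[a-z]:\\windows\\system32\\(.*)", path.lower())
    if not m:
        return False
    rest = m.group(1)
    return not any(rest == e or rest.startswith(e + "\\") for e in EXEMPT)


def triage(log):
    """List (section, path, verdict) for every '(file missing)' entry in the log."""
    wow64 = is_64bit_windows(log)
    results = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        path = missing_path(m.group("body"))
        if path is None:
            continue
        verdict = ARTIFACT if wow64 and redirected(path) else VERIFY
        results.append((m.group("section"), path, verdict))
    return results


if __name__ == "__main__":
    for section, path, verdict in triage(SAMPLE_LOG):
        print(f"{section:4} {verdict:21} {path}")
```

Entries marked `verify-on-disk` are the ones worth a manual look before anything is fixed or deleted; the verdict is a triage hint, not proof that a file exists or is absent.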
  • I can't start 2.04 as administrator? (HijackThis)
  • Got it working through program compatibility after all..
  • You have Spybot in your Windows. And you have TeaTimer enabled. A completely unnecessary measure in Windows 7! Do you actually have User Account Control enabled?

    Disable Spybot's TeaTimer and SDHelper during the fix, because these components can undo changes.
      - Start Spybot S&D.
      - Go to the Mode menu and select "Advanced Mode".
      - In the left column choose "Tools" (or "Gereedschap") and click Resident.
      - Untick "Resident TeaTimer and SDHelper" and close Spybot S&D.
      - Then restart the computer.
  • Abraham54 wrote: "You have Spybot in your Windows. And you have TeaTimer enabled."
    Disabled as instructed.
    Abraham54 wrote: "Do you actually have User Account Control enabled?"
    As far as I know, yes. I never turned it off, in any case. Besides, I could still start 2.02 and many other programs as admin via the right mouse button. Anyway, both logs below:
owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13618 bytes Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Databaseversie: 8202 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 20-11-2011 23:08:46 mbam-log-2011-11-20 (23-08-46).txt Scantype: Snelle scan Objecten gescand: 174815 Verstreken tijd: 3 minuut/minuten, 3 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
  • Step •1•
    Close all open windows, then start HijackThis and click the Do a Scan only button.
    O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (file missing)
    O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (file missing)
    O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (file missing)
    O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (file missing)
    O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (file missing)
    O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (file missing)
    O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (file missing)
    • Put a check mark in front of the line(s) that correspond to the lines above.
    • Then click the Fix checked button.
    • After that, close HijackThis.

    By the way, I find the following a bit strange:
    O17 - HKLM\System\CCS\Services\Tcpip\..\{03992723-09C3-4B34-8142-BFAF1A33B640}: NameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D442C5E8-F8D5-4DEC-8DDB-48E545B3F954}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{03992723-09C3-4B34-8142-BFAF1A33B640}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{03992723-09C3-4B34-8142-BFAF1A33B640}: NameServer = 192.168.1.1

    Step •2•
    Which program: ComboFix
    What for/why: A highly specialized scanner that examines Windows in depth and cleans it up where possible.
    Difficulty: A more or less tricky preparation phase, so read everything carefully first.
    Download location: This program absolutely must be downloaded to the desktop!
    Download ComboFix from one of these locations:
    • Bleepingcomputer: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    • ForoSpyware: http://www.forospyware.com/sUBs/ComboFix.exe
    • Geekstogo: http://subs.geekstogo.com/ComboFix.exe
    Here you can see how ComboFix should be used: http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden
    Your antivirus program and any active malware scanners must already be disabled before ComboFix starts!
    Here (http://www.bleepingcomputer.com/forums/topic114351.html) and here (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html) you will find how to disable antivirus programs and spyware scanners.
    To be perfectly clear once more: ComboFix must be started from the desktop.
    Notes:
    • On Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for it).
    • Vista and Windows 7 users start ComboFix via right-click with Administrator rights.
    • All open programs and web pages must be closed.
    Once ComboFix has started:
    • Do not click inside the black window; this can cause ComboFix or even Windows to "freeze" completely!
    • ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    • The computer may have to be restarted several times; this is normal.
    • When ComboFix is finished, it will create a log file for you.
    • Post the contents of this log file in your next message.
    • If the log does not open, it can be found at C:\ComboFix.txt
    Important note:
    • If, after the scan, an error is shown when starting programs, with the message:
    • Illegal operation attempted on a registry key that has been marked for deletion.
    • Then restart the computer.

    Step •3•
    In summary: after this, post the contents of the following logs in your next message:
    • Hijack This log
    • ComboFix.txt log
  • Hi Abraham54, I found those name servers strange too. Could that be because I have set a fixed IP? I will change that back to automatic later to see whether it then disappears. What else could have caused this? For now I am going to shut down the PC to get some sleep. Tomorrow I will continue! Thanks in advance!
  • Here you go:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 18:28:44, on 21-11-2011
    ComboFix 11-11-21.01 - Sander 21-11-2011 18:18:50.1.2 - x64
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-11-21 18:25:05 ComboFix-quarantined-files.txt 2011-11-21 17:25 . Pre-Run: 2.304.507.904 bytes free Post-Run: 2.395.398.144 bytes free . - - End Of File - - 72CF6BE6A6A92EBC3CD520EE6B482445
  • Those name servers contain the address of the gateway. You may do the following:
    Which program: Kaspersky TDSSKiller
    What for/why: rootkit scanner
    Difficulty: none
    Download location: Be sure to download this program to the desktop, or otherwise move it there!
    Download TDSSKiller here: http://support.kaspersky.com/downloads/utils/tdsskiller.zip
    Installation:
    - Extract the file to your desktop.
    Using TDSSKiller:
    - Windows 2000 and Windows XP: start "TDSSKiller" by double-clicking TDSSKiller.exe.
    - Windows Vista and Windows 7: start "TDSSKiller" by right-clicking TDSSKiller.exe and then choosing "Run as administrator".
    - If TDSSKiller reports that an update is available, install that update first.
    - Then click the "Start Scan" button and follow the instructions.
    - When the scan has finished, click the "Report" button.
    - A Notepad file opens. Post the contents of this file.
      - Restart the PC if TDSSKiller offers that option (Reboot now).
      - If a restart is necessary, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
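The check behind the reply above, as an added example that is not part of the original post or of ComboFix: it parses `TCP: Interfaces\{...}: NameServer` lines in the format shown in this thread and sorts every configured DNS server into gateway, other RFC 1918 address, or external. The gateway address is supplied by the caller; the function names and the third sample line are constructed for illustration.

```python
import ipaddress
import re

# Sample in the ComboFix line format from this thread. The first two lines carry
# the values posted in the thread; the third line is constructed for the example.
SAMPLE_LOG = r"""
TCP: Interfaces\{03992723-09C3-4B34-8142-BFAF1A33B640}: NameServer = 192.168.1.1
TCP: Interfaces\{D442C5E8-F8D5-4DEC-8DDB-48E545B3F954}: NameServer = 192.168.1.1
TCP: Interfaces\{00000000-0000-0000-0000-000000000001}: NameServer = 203.0.113.53,192.168.1.1
"""

# Assumption: one log entry per line, as ComboFix writes the file to disk.
LINE_RE = re.compile(
    r"TCP:\s*Interfaces\\(\{[0-9A-Fa-f-]{36}\}):\s*NameServer\s*=\s*(.+)"
)

# Explicit RFC 1918 ranges. ipaddress.is_private is not used because it also
# covers documentation and other special-purpose ranges.
RFC1918 = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]


def parse_nameservers(log_text):
    """Return {interface GUID: [server strings]} for every NameServer line."""
    result = {}
    for line in log_text.splitlines():
        match = LINE_RE.search(line)
        if not match:
            continue
        # The registry value may hold several servers, comma or space separated.
        servers = [s for s in re.split(r"[,\s]+", match.group(2).strip()) if s]
        result[match.group(1).upper()] = servers
    return result


def classify(server, gateway):
    """Classify one DNS server entry relative to the default gateway."""
    try:
        ip = ipaddress.ip_address(server)
    except ValueError:
        return "invalid"
    if ip == ipaddress.ip_address(gateway):
        return "gateway"
    if ip.is_loopback or any(ip in net for net in RFC1918 if ip.version == 4):
        return "local"
    return "external"


def triage(log_text, gateway):
    """Return (guid, server, verdict) for every configured DNS server."""
    findings = []
    for guid, servers in parse_nameservers(log_text).items():
        for server in servers:
            findings.append((guid, server, classify(server, gateway)))
    return findings


def needs_review(log_text, gateway):
    """Entries that do not point at the gateway or another local address."""
    return [f for f in triage(log_text, gateway) if f[2] in ("external", "invalid")]


if __name__ == "__main__":
    for guid, server, verdict in triage(SAMPLE_LOG, "192.168.1.1"):
        print(f"{guid}  {server:<15}  {verdict}")
```

A "gateway" verdict only moves the question to the router, whose own upstream DNS settings this log does not show.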
  • I'll get to work on that. The name servers have disappeared. Both my network card and my Wi-Fi adapter had fixed addresses. I set these to automatic and the name servers are gone. After these checks etc. I'll set them back to fixed and see what happens.
  • 1 threat, it gives the option skip... SPTD
C:\Windows\system32\DRIVERS\sermouse.sys 18:59:18.0142 2248 sermouse - ok 18:59:18.0236 2248 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 18:59:18.0236 2248 sffdisk - ok 18:59:18.0251 2248 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 18:59:18.0251 2248 sffp_mmc - ok 18:59:18.0251 2248 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 18:59:18.0267 2248 sffp_sd - ok 18:59:18.0282 2248 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 18:59:18.0282 2248 sfloppy - ok 18:59:18.0314 2248 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 18:59:18.0314 2248 SiSRaid2 - ok 18:59:18.0314 2248 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 18:59:18.0329 2248 SiSRaid4 - ok 18:59:18.0345 2248 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 18:59:18.0345 2248 Smb - ok 18:59:18.0376 2248 speedfan - ok 18:59:18.0454 2248 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 18:59:18.0454 2248 spldr - ok 18:59:18.0501 2248 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys 18:59:18.0501 2248 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. 
md5: 602884696850c86434530790b110e8eb 18:59:18.0501 2248 sptd ( LockedFile.Multi.Generic ) - warning 18:59:18.0501 2248 sptd - detected LockedFile.Multi.Generic (1) 18:59:18.0532 2248 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 18:59:18.0548 2248 srv - ok 18:59:18.0626 2248 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 18:59:18.0626 2248 srv2 - ok 18:59:18.0657 2248 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 18:59:18.0657 2248 srvnet - ok 18:59:18.0688 2248 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 18:59:18.0704 2248 stexstor - ok 18:59:18.0766 2248 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys 18:59:18.0766 2248 StillCam - ok 18:59:18.0813 2248 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 18:59:18.0813 2248 storflt - ok 18:59:18.0828 2248 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 18:59:18.0844 2248 storvsc - ok 18:59:18.0860 2248 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 18:59:18.0860 2248 swenum - ok 18:59:18.0922 2248 Synth3dVsc - ok 18:59:18.0984 2248 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 18:59:19.0016 2248 Tcpip - ok 18:59:19.0094 2248 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 18:59:19.0094 2248 TCPIP6 - ok 18:59:19.0125 2248 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 18:59:19.0125 2248 tcpipreg - ok 18:59:19.0156 2248 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 18:59:19.0156 2248 TDPIPE - ok 18:59:19.0156 2248 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 18:59:19.0172 2248 TDTCP - ok 18:59:19.0187 2248 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 
18:59:19.0187 2248 tdx - ok 18:59:19.0265 2248 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 18:59:19.0265 2248 TermDD - ok 18:59:19.0312 2248 tosporte (0e8a784713a08b39e39565c91ece48ba) C:\Windows\system32\DRIVERS\tosporte.sys 18:59:19.0312 2248 tosporte - ok 18:59:19.0343 2248 tosrfbd (7f7beacb582daed3355c5ae5220c363b) C:\Windows\system32\DRIVERS\tosrfbd.sys 18:59:19.0343 2248 tosrfbd - ok 18:59:19.0406 2248 tosrfbnp (b955484f53de2dbb481f99ad10867ebe) C:\Windows\system32\Drivers\tosrfbnp.sys 18:59:19.0406 2248 tosrfbnp - ok 18:59:19.0437 2248 Tosrfcom (f31e3217d11158b584711e42e40621ec) C:\Windows\system32\Drivers\tosrfcom.sys 18:59:19.0452 2248 Tosrfcom - ok 18:59:19.0468 2248 Tosrfhid (f3c57806b7ecd2101387b9af39059ff3) C:\Windows\system32\DRIVERS\Tosrfhid.sys 18:59:19.0468 2248 Tosrfhid - ok 18:59:19.0546 2248 tosrfnds (95552d0b11c70846299dca2ff0082205) C:\Windows\system32\DRIVERS\tosrfnds.sys 18:59:19.0546 2248 tosrfnds - ok 18:59:19.0577 2248 TosRfSnd (25bd441f1cec311648df259b9df2999b) C:\Windows\system32\drivers\tosrfsnd.sys 18:59:19.0577 2248 TosRfSnd - ok 18:59:19.0608 2248 Tosrfusb (cbd52e5df13fab87a0206e031eef42a4) C:\Windows\system32\DRIVERS\tosrfusb.sys 18:59:19.0608 2248 Tosrfusb - ok 18:59:19.0702 2248 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 18:59:19.0702 2248 tssecsrv - ok 18:59:19.0733 2248 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 18:59:19.0733 2248 TsUsbFlt - ok 18:59:19.0749 2248 tsusbhub - ok 18:59:19.0796 2248 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 18:59:19.0796 2248 tunnel - ok 18:59:19.0858 2248 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 18:59:19.0874 2248 uagp35 - ok 18:59:19.0905 2248 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 18:59:19.0905 2248 udfs - ok 18:59:19.0936 2248 uliagpkx 
(4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 18:59:19.0936 2248 uliagpkx - ok 18:59:19.0983 2248 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 18:59:19.0983 2248 umbus - ok 18:59:20.0045 2248 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 18:59:20.0045 2248 UmPass - ok 18:59:20.0092 2248 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 18:59:20.0108 2248 usbaudio - ok 18:59:20.0139 2248 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 18:59:20.0139 2248 usbccgp - ok 18:59:20.0154 2248 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 18:59:20.0170 2248 usbcir - ok 18:59:20.0217 2248 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 18:59:20.0217 2248 usbehci - ok 18:59:20.0248 2248 usbfilter (6648c6d7323a2ce0c4776c36cefbcb14) C:\Windows\system32\DRIVERS\usbfilter.sys 18:59:20.0248 2248 usbfilter - ok 18:59:20.0295 2248 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 18:59:20.0295 2248 usbhub - ok 18:59:20.0310 2248 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys 18:59:20.0310 2248 usbohci - ok 18:59:20.0373 2248 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 18:59:20.0373 2248 usbprint - ok 18:59:20.0404 2248 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 18:59:20.0404 2248 usbscan - ok 18:59:20.0435 2248 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:59:20.0435 2248 USBSTOR - ok 18:59:20.0451 2248 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 18:59:20.0451 2248 usbuhci - ok 18:59:20.0529 2248 VBoxNetAdp (b4ffc1739b9bd3b0177b16b46caf8420) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 18:59:20.0544 2248 VBoxNetAdp - ok 
18:59:20.0560 2248 VBoxNetFlt - ok 18:59:20.0607 2248 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 18:59:20.0607 2248 vdrvroot - ok 18:59:20.0622 2248 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 18:59:20.0622 2248 vga - ok 18:59:20.0638 2248 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 18:59:20.0638 2248 VgaSave - ok 18:59:20.0685 2248 VGPU - ok 18:59:20.0732 2248 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 18:59:20.0732 2248 vhdmp - ok 18:59:20.0747 2248 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 18:59:20.0747 2248 viaide - ok 18:59:20.0763 2248 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 18:59:20.0778 2248 vmbus - ok 18:59:20.0794 2248 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 18:59:20.0794 2248 VMBusHID - ok 18:59:20.0825 2248 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 18:59:20.0841 2248 volmgr - ok 18:59:20.0903 2248 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 18:59:20.0919 2248 volmgrx - ok 18:59:20.0934 2248 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 18:59:20.0950 2248 volsnap - ok 18:59:21.0012 2248 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 18:59:21.0012 2248 vsmraid - ok 18:59:21.0059 2248 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 18:59:21.0059 2248 vwifibus - ok 18:59:21.0075 2248 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 18:59:21.0075 2248 vwififlt - ok 18:59:21.0137 2248 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 18:59:21.0137 2248 vwifimp - ok 18:59:21.0215 2248 VX1000 (ce6c085771812d5ee863cc7ef93caef2) 
C:\Windows\system32\DRIVERS\VX1000.sys 18:59:21.0246 2248 VX1000 - ok 18:59:21.0278 2248 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 18:59:21.0278 2248 WacomPen - ok 18:59:21.0340 2248 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 18:59:21.0340 2248 WANARP - ok 18:59:21.0356 2248 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 18:59:21.0356 2248 Wanarpv6 - ok 18:59:21.0418 2248 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 18:59:21.0418 2248 Wd - ok 18:59:21.0449 2248 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 18:59:21.0465 2248 Wdf01000 - ok 18:59:21.0527 2248 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 18:59:21.0527 2248 WfpLwf - ok 18:59:21.0543 2248 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 18:59:21.0543 2248 WIMMount - ok 18:59:21.0621 2248 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 18:59:21.0621 2248 WinUsb - ok 18:59:21.0652 2248 WmBEnum (680a7846370000d20d7e74917d5b7936) C:\Windows\system32\drivers\WmBEnum.sys 18:59:21.0668 2248 WmBEnum - ok 18:59:21.0714 2248 WmFilter (14c35ba8189c6f65d839163aa285e954) C:\Windows\system32\drivers\WmFilter.sys 18:59:21.0714 2248 WmFilter - ok 18:59:21.0746 2248 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 18:59:21.0746 2248 WmiAcpi - ok 18:59:21.0792 2248 WmVirHid (8488dd91a3ee54a8e29f02ad7bb8201e) C:\Windows\system32\drivers\WmVirHid.sys 18:59:21.0792 2248 WmVirHid - ok 18:59:21.0839 2248 WmXlCore (14802b3a30aa849c97cb968ccc813bf3) C:\Windows\system32\drivers\WmXlCore.sys 18:59:21.0839 2248 WmXlCore - ok 18:59:21.0886 2248 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 18:59:21.0886 2248 ws2ifsl - ok 18:59:21.0917 2248 WSDPrintDevice 
(8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys 18:59:21.0917 2248 WSDPrintDevice - ok 18:59:21.0948 2248 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 18:59:21.0964 2248 WudfPf - ok 18:59:22.0011 2248 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 18:59:22.0011 2248 WUDFRd - ok 18:59:22.0058 2248 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 18:59:22.0058 2248 \Device\Harddisk0\DR0 - ok 18:59:22.0073 2248 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1 18:59:22.0104 2248 \Device\Harddisk1\DR1 - ok 18:59:22.0104 2248 Boot (0x1200) (8c787ed90c4cbb260451ee3e62f78a9d) \Device\Harddisk0\DR0\Partition0 18:59:22.0104 2248 \Device\Harddisk0\DR0\Partition0 - ok 18:59:22.0120 2248 Boot (0x1200) (d65f69126f86abc345260d78726750d9) \Device\Harddisk0\DR0\Partition1 18:59:22.0120 2248 \Device\Harddisk0\DR0\Partition1 - ok 18:59:22.0151 2248 Boot (0x1200) (1c49d339f755cc931393562a28f514e4) \Device\Harddisk0\DR0\Partition2 18:59:22.0151 2248 \Device\Harddisk0\DR0\Partition2 - ok 18:59:22.0151 2248 Boot (0x1200) (dee4db4316e5e01f6613db5f03a54c91) \Device\Harddisk1\DR1\Partition0 18:59:22.0151 2248 \Device\Harddisk1\DR1\Partition0 - ok 18:59:22.0151 2248 ============================================================ 18:59:22.0151 2248 Scan finished 18:59:22.0151 2248 ============================================================ 18:59:22.0167 2588 Detected object count: 1 18:59:22.0167 2588 Actual detected object count: 1 18:59:33.0165 2588 sptd ( LockedFile.Multi.Generic ) - skipped by user 18:59:33.0165 2588 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 18:59:43.0586 4292 ============================================================ 18:59:43.0586 4292 Scan started 18:59:43.0586 4292 Mode: Manual; 18:59:43.0586 4292 ============================================================ 18:59:43.0851 4292 1394ohci 
(a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 18:59:43.0851 4292 1394ohci - ok 18:59:43.0882 4292 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 18:59:43.0882 4292 ACPI - ok 18:59:43.0898 4292 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 18:59:43.0898 4292 AcpiPmi - ok 18:59:43.0929 4292 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys 18:59:43.0929 4292 adfs - ok 18:59:44.0022 4292 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 18:59:44.0022 4292 adp94xx - ok 18:59:44.0038 4292 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 18:59:44.0038 4292 adpahci - ok 18:59:44.0054 4292 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 18:59:44.0054 4292 adpu320 - ok 18:59:44.0100 4292 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys 18:59:44.0100 4292 AFD - ok 18:59:44.0163 4292 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 18:59:44.0163 4292 agp440 - ok 18:59:44.0178 4292 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 18:59:44.0178 4292 aliide - ok 18:59:44.0194 4292 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 18:59:44.0194 4292 amdide - ok 18:59:44.0210 4292 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 18:59:44.0210 4292 AmdK8 - ok 18:59:44.0350 4292 amdkmdag (538b0a6e89aca1929668f9eb95d3c0bc) C:\Windows\system32\DRIVERS\atikmdag.sys 18:59:44.0397 4292 amdkmdag - ok 18:59:44.0475 4292 amdkmdap (977286b382fe0920f379a69c351a7af4) C:\Windows\system32\DRIVERS\atikmpag.sys 18:59:44.0475 4292 amdkmdap - ok 18:59:44.0490 4292 AmdLLD64 (c27e46c19d5a48ca02c11e3c9b58f4c1) C:\Windows\system32\DRIVERS\AmdLLD64.sys 18:59:44.0490 4292 AmdLLD64 - ok 18:59:44.0506 4292 AmdPPM 
(1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 18:59:44.0506 4292 AmdPPM - ok 18:59:44.0522 4292 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 18:59:44.0522 4292 amdsata - ok 18:59:44.0584 4292 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 18:59:44.0584 4292 amdsbs - ok 18:59:44.0600 4292 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 18:59:44.0600 4292 amdxata - ok 18:59:44.0631 4292 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 18:59:44.0631 4292 AppID - ok 18:59:44.0662 4292 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 18:59:44.0662 4292 arc - ok 18:59:44.0678 4292 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 18:59:44.0678 4292 arcsas - ok 18:59:44.0693 4292 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 18:59:44.0693 4292 AsyncMac - ok 18:59:44.0756 4292 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 18:59:44.0756 4292 atapi - ok 18:59:44.0880 4292 atikmdag (538b0a6e89aca1929668f9eb95d3c0bc) C:\Windows\system32\DRIVERS\atikmdag.sys 18:59:44.0927 4292 atikmdag - ok 18:59:44.0990 4292 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys 18:59:44.0990 4292 AtiPcie - ok 18:59:45.0021 4292 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys 18:59:45.0021 4292 avgntflt - ok 18:59:45.0036 4292 avipbb (d959309ececca73fc79f8ef8521346b2) C:\Windows\system32\DRIVERS\avipbb.sys 18:59:45.0036 4292 avipbb - ok 18:59:45.0052 4292 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys 18:59:45.0052 4292 avkmgr - ok 18:59:45.0130 4292 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 18:59:45.0146 4292 b06bdrv - ok 18:59:45.0161 4292 b57nd60a 
(b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 18:59:45.0161 4292 b57nd60a - ok 18:59:45.0177 4292 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 18:59:45.0177 4292 Beep - ok 18:59:45.0192 4292 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 18:59:45.0192 4292 blbdrive - ok 18:59:45.0224 4292 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 18:59:45.0224 4292 bowser - ok 18:59:45.0286 4292 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 18:59:45.0286 4292 BrFiltLo - ok 18:59:45.0286 4292 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 18:59:45.0286 4292 BrFiltUp - ok 18:59:45.0302 4292 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 18:59:45.0302 4292 Brserid - ok 18:59:45.0317 4292 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 18:59:45.0317 4292 BrSerWdm - ok 18:59:45.0333 4292 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 18:59:45.0333 4292 BrUsbMdm - ok 18:59:45.0333 4292 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 18:59:45.0333 4292 BrUsbSer - ok 18:59:45.0348 4292 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys 18:59:45.0364 4292 BthEnum - ok 18:59:45.0364 4292 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 18:59:45.0364 4292 BTHMODEM - ok 18:59:45.0395 4292 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 18:59:45.0395 4292 BthPan - ok 18:59:45.0473 4292 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys 18:59:45.0473 4292 BTHPORT - ok 18:59:45.0489 4292 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys 18:59:45.0489 4292 BTHUSB - ok 
18:59:45.0504 4292 catchme - ok 18:59:45.0536 4292 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 18:59:45.0536 4292 cdfs - ok 18:59:45.0614 4292 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 18:59:45.0614 4292 cdrom - ok 18:59:45.0629 4292 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 18:59:45.0629 4292 circlass - ok 18:59:45.0645 4292 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 18:59:45.0645 4292 CLFS - ok 18:59:45.0676 4292 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 18:59:45.0676 4292 CmBatt - ok 18:59:45.0692 4292 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 18:59:45.0692 4292 cmdide - ok 18:59:45.0723 4292 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys 18:59:45.0723 4292 CNG - ok 18:59:45.0770 4292 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 18:59:45.0770 4292 Compbatt - ok 18:59:45.0785 4292 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 18:59:45.0785 4292 CompositeBus - ok 18:59:45.0832 4292 cpuz135 (262969a3fab32b9e17e63e2d17a57744) C:\Windows\system32\drivers\cpuz135_x64.sys 18:59:45.0832 4292 cpuz135 - ok 18:59:45.0848 4292 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 18:59:45.0848 4292 crcdisk - ok 18:59:45.0910 4292 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 18:59:45.0910 4292 CSC - ok 18:59:45.0941 4292 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 18:59:45.0941 4292 DfsC - ok 18:59:45.0972 4292 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 18:59:45.0972 4292 discache - ok 18:59:45.0988 4292 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 18:59:45.0988 4292 Disk - ok 
18:59:46.0050 4292 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 18:59:46.0050 4292 drmkaud - ok 18:59:46.0082 4292 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 18:59:46.0082 4292 DXGKrnl - ok 18:59:46.0160 4292 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 18:59:46.0191 4292 ebdrv - ok 18:59:46.0238 4292 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 18:59:46.0238 4292 elxstor - ok 18:59:46.0284 4292 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 18:59:46.0284 4292 ErrDev - ok 18:59:46.0300 4292 etdrv (84486624268e078255bc7aa47f0960bc) C:\Windows\etdrv.sys 18:59:46.0300 4292 etdrv - ok 18:59:46.0331 4292 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 18:59:46.0331 4292 exfat - ok 18:59:46.0378 4292 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 18:59:46.0378 4292 fastfat - ok 18:59:46.0394 4292 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 18:59:46.0394 4292 fdc - ok 18:59:46.0409 4292 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 18:59:46.0409 4292 FileInfo - ok 18:59:46.0440 4292 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 18:59:46.0440 4292 Filetrace - ok 18:59:46.0456 4292 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 18:59:46.0456 4292 flpydisk - ok 18:59:46.0518 4292 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 18:59:46.0518 4292 FltMgr - ok 18:59:46.0534 4292 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 18:59:46.0534 4292 FsDepends - ok 18:59:46.0565 4292 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 18:59:46.0565 4292 Fs_Rec - ok 18:59:46.0596 4292 fvevol 
(1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 18:59:46.0596 4292 fvevol - ok 18:59:46.0628 4292 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 18:59:46.0628 4292 gagp30kx - ok 18:59:46.0643 4292 gdrv (7907e14f9bcf3a4689c9a74a1a873cb6) C:\Windows\gdrv.sys 18:59:46.0643 4292 gdrv - ok 18:59:46.0674 4292 GVTDrv64 (8126331fbd4ed29eb3b356f9c905064d) C:\Windows\GVTDrv64.sys 18:59:46.0674 4292 GVTDrv64 - ok 18:59:46.0721 4292 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 18:59:46.0721 4292 hcw85cir - ok 18:59:46.0784 4292 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 18:59:46.0784 4292 HdAudAddService - ok 18:59:46.0799 4292 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 18:59:46.0799 4292 HDAudBus - ok 18:59:46.0799 4292 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 18:59:46.0815 4292 HidBatt - ok 18:59:46.0846 4292 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 18:59:46.0846 4292 HidBth - ok 18:59:46.0893 4292 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 18:59:46.0893 4292 HidIr - ok 18:59:46.0908 4292 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 18:59:46.0908 4292 HidUsb - ok 18:59:46.0940 4292 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 18:59:46.0940 4292 HpSAMD - ok 18:59:46.0971 4292 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys 18:59:46.0971 4292 HTCAND64 - ok 18:59:47.0018 4292 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys 18:59:47.0018 4292 htcnprot - ok 18:59:47.0064 4292 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 18:59:47.0064 4292 HTTP - ok 18:59:47.0096 4292 hwpolicy 
  • Do you have DaemonTools or Alcohol burning software installed in your Windows?
  • Yes, I do use Daemontools sometimes; I have converted a lot of DVDs to ISO. Sometimes my media player acts up and then I test the ISO with Daemon. Is that the culprit?
  • Abraham? And then?
  • Sptd.sys belongs to DaemonTools, so it is a legitimate file. I would now like you to do the following: run the ESET online scan (http://www.eset.com/onlinescan/).
      - Click the "ESET Online Scanner" button.
      - Tick "YES, I accept the Terms of Use".
      - Click "Start".
      - Allow the ActiveX control to install.
      - Tick the following options:
          - Remove found threats
          - Scan archives
      - Then click "Advanced Settings":
          - Scan for potentially unwanted applications
          - Scan for potentially unsafe applications
          - Enable Anti-Stealth technology
      - Click "Start".
      - The computer is now being scanned. This can take quite a long time, so be patient.
      - When the scan is finished, click "> List of found threats".
      - Then click "> Export to text file....".
      - Choose the Desktop as the save location and give the Notepad file a clear title.
      - After that you may close the window, because the scan is finished.
      - Then open the log that is on your desktop.
      - Copy and paste the contents of this log into your next post.
    N.B.: temporarily disable your own antivirus during the scan; the online scan is then faster!
  • No threats found
  • Good, let's use ComboFix once more. So run the ComboFix scan again: after starting ComboFix, a message may appear: - either ComboFix wants to be updated; - or ComboFix wants to be downloaded again. If you get such a message, go ahead and do that too. Then post the contents of the log.
  • Done. You are thorough this time. Is there something specific you are looking for? Or have you found something? I also noticed after all this scanning that my Recycle Bin folders were suddenly visible on all drives except C. This while I have show hidden files turned off. Anyway, the log:
2011-11-24 02:21 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\0cad532e2fb59585cc790c3fe656e64f\System.Transactions.ni.dll - 2011-11-21 02:28 . 2011-11-21 02:28 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\0cad532e2fb59585cc790c3fe656e64f\System.Transactions.ni.dll + 2011-11-24 02:24 . 2011-11-24 02:24 280576 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\ee501cc4420ce53f2ded79b3ad798c90\System.ServiceProcess.ni.dll - 2011-11-21 02:31 . 2011-11-21 02:31 280576 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\ee501cc4420ce53f2ded79b3ad798c90\System.ServiceProcess.ni.dll - 2011-11-21 02:31 . 2011-11-21 02:31 107520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\e3cbf844da8dbc1190d37abc30570e29\System.ServiceModel.Channels.ni.dll + 2011-11-24 02:24 . 2011-11-24 02:24 107520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\e3cbf844da8dbc1190d37abc30570e29\System.ServiceModel.Channels.ni.dll - 2011-11-21 02:31 . 2011-11-21 02:31 507904 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\4b2c5b2baad543993991af8e6e347964\System.ServiceModel.Routing.ni.dll + 2011-11-24 02:24 . 2011-11-24 02:24 507904 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\4b2c5b2baad543993991af8e6e347964\System.ServiceModel.Routing.ni.dll + 2011-11-24 02:20 . 2011-11-24 02:20 939520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\bd4e7dba4c1d18de2bb92f050691f714\System.Security.ni.dll - 2011-11-21 02:26 . 2011-11-21 02:26 939520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\bd4e7dba4c1d18de2bb92f050691f714\System.Security.ni.dll + 2011-11-24 02:21 . 2011-11-24 02:21 376320 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\93ee99e5061f73f7e0d64e28e72acdd8\System.Runtime.Serialization.Formatters.Soap.ni.dll - 2011-11-21 02:28 . 
2011-11-21 02:28 376320 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\93ee99e5061f73f7e0d64e28e72acdd8\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2011-11-24 02:21 . 2011-11-24 02:21 987648 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\3ae7f226fe2de56b8a1417d52ed51029\System.Runtime.Remoting.ni.dll - 2011-11-21 02:28 . 2011-11-21 02:28 987648 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\3ae7f226fe2de56b8a1417d52ed51029\System.Runtime.Remoting.ni.dll + 2011-11-24 02:20 . 2011-11-24 02:20 176640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\97a9eaf09596eebab9ed3e17546ae804\System.Numerics.ni.dll - 2011-11-21 02:26 . 2011-11-21 02:26 176640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\97a9eaf09596eebab9ed3e17546ae804\System.Numerics.ni.dll + 2011-11-24 02:24 . 2011-11-24 02:24 930304 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\41d449b0be8ff6b6dc9174313db88459\System.Net.ni.dll - 2011-11-21 02:30 . 2011-11-21 02:30 930304 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\41d449b0be8ff6b6dc9174313db88459\System.Net.ni.dll - 2011-11-21 02:30 . 2011-11-21 02:30 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\f8aa02fc7b4467081e19e35a5601f518\System.Messaging.ni.dll + 2011-11-24 02:24 . 2011-11-24 02:24 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\f8aa02fc7b4467081e19e35a5601f518\System.Messaging.ni.dll + 2011-11-24 02:24 . 2011-11-24 02:24 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\4fc188ed573c4a57a0287938986f6a1c\System.Management.Instrumentation.ni.dll - 2011-11-21 02:30 . 2011-11-21 02:30 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\4fc188ed573c4a57a0287938986f6a1c\System.Management.Instrumentation.ni.dll - 2011-11-21 02:30 . 
2011-11-21 02:30 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\0cca1aa68edcb1f5ee92fc8aaa2c7d51\System.IO.Log.ni.dll + 2011-11-24 02:24 . 2011-11-24 02:24 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\0cca1aa68edcb1f5ee92fc8aaa2c7d51\System.IO.Log.ni.dll - 2011-11-21 02:30 . 2011-11-21 02:30 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\80d06aff25a9994a00f2976a1cb06733\System.IdentityModel.Selectors.ni.dll + 2011-11-24 02:24 . 2011-11-24 02:24 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\80d06aff25a9994a00f2976a1cb06733\System.IdentityModel.Selectors.ni.dll - 2011-11-21 02:28 . 2011-11-21 02:28 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\df0ac9043e9b88bcafa5b378994d8365\System.EnterpriseServices.Wrapper.dll + 2011-11-24 02:21 . 2011-11-24 02:21 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\df0ac9043e9b88bcafa5b378994d8365\System.EnterpriseServices.Wrapper.dll + 2011-11-24 02:20 . 2011-11-24 02:20 511488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\ce5254e2408f77d6a09d30508f8dd52a\System.Dynamic.ni.dll - 2011-11-21 02:26 . 2011-11-21 02:26 511488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\ce5254e2408f77d6a09d30508f8dd52a\System.Dynamic.ni.dll - 2011-11-21 02:30 . 2011-11-21 02:30 628736 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\6048f7c3071c23536b976d262c34fae1\System.DirectoryServices.Protocols.ni.dll + 2011-11-24 02:24 . 2011-11-24 02:24 628736 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\6048f7c3071c23536b976d262c34fae1\System.DirectoryServices.Protocols.ni.dll - 2011-11-21 02:30 . 2011-11-21 02:30 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\80d5d1a7442173fc59c419b8d1c647ff\System.Device.ni.dll + 2011-11-24 02:24 . 
2011-11-24 02:24 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\80d5d1a7442173fc59c419b8d1c647ff\System.Device.ni.dll + 2011-11-24 02:23 . 2011-11-24 02:23 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\33038b29c486ff870f23a6b37e5b9d11\System.Data.DataSetExtensions.ni.dll - 2011-11-21 02:29 . 2011-11-21 02:29 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\33038b29c486ff870f23a6b37e5b9d11\System.Data.DataSetExtensions.ni.dll + 2011-11-24 02:23 . 2011-11-24 02:23 181248 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\c509822f920d2613ab999e6148ab8099\System.Configuration.Install.ni.dll - 2011-11-21 02:29 . 2011-11-21 02:29 181248 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\c509822f920d2613ab999e6148ab8099\System.Configuration.Install.ni.dll + 2011-11-24 02:23 . 2011-11-24 02:23 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\e0dc7e5bc5e66268387e19c10727a030\System.ComponentModel.DataAnnotations.ni.dll - 2011-11-21 02:29 . 2011-11-21 02:29 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\e0dc7e5bc5e66268387e19c10727a030\System.ComponentModel.DataAnnotations.ni.dll - 2011-11-21 02:29 . 2011-11-21 02:29 865792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\55d507e7cc2017d6eed82527df1e910a\System.AddIn.ni.dll + 2011-11-24 02:22 . 2011-11-24 02:22 865792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\55d507e7cc2017d6eed82527df1e910a\System.AddIn.ni.dll - 2011-11-21 02:29 . 2011-11-21 02:29 553472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\0a65293a0732eaeb538fb5d9accafe92\System.Activities.DurableInstancing.ni.dll + 2011-11-24 02:22 . 2011-11-24 02:22 553472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\0a65293a0732eaeb538fb5d9accafe92\System.Activities.DurableInstancing.ni.dll - 2011-11-21 02:26 . 
2011-11-21 02:26 430080 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\7597686f1c999b6491518ff47508acdf\SMSvcHost.ni.exe + 2011-11-24 02:19 . 2011-11-24 02:19 430080 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\7597686f1c999b6491518ff47508acdf\SMSvcHost.ni.exe + 2011-11-24 02:21 . 2011-11-24 02:21 184832 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\53d186939a3367ce3b37c84464370ca6\SMDiagnostics.ni.dll - 2011-11-21 02:28 . 2011-11-21 02:28 184832 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\53d186939a3367ce3b37c84464370ca6\SMDiagnostics.ni.dll + 2011-11-24 02:21 . 2011-11-24 02:21 387584 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\eb1dae468677366538f99b623e7a7018\PresentationFramework.Royale.ni.dll - 2011-11-21 02:28 . 2011-11-21 02:28 387584 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\eb1dae468677366538f99b623e7a7018\PresentationFramework.Royale.ni.dll - 2011-11-21 02:28 . 2011-11-21 02:28 745984 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\1e80fa78c14d8cac7feaa1d70ffb0a38\PresentationFramework.Luna.ni.dll + 2011-11-24 02:21 . 2011-11-24 02:21 745984 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\1e80fa78c14d8cac7feaa1d70ffb0a38\PresentationFramework.Luna.ni.dll - 2011-11-21 02:28 . 2011-11-21 02:28 331264 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\196d1a63ee35811bd9ce868bc70273a7\PresentationFramework.Classic.ni.dll + 2011-11-24 02:21 . 2011-11-24 02:21 331264 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\196d1a63ee35811bd9ce868bc70273a7\PresentationFramework.Classic.ni.dll - 2011-11-21 02:28 . 2011-11-21 02:28 555520 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\039366972f5ad8f34025c5aed57c1929\PresentationFramework.Aero.ni.dll + 2011-11-24 02:21 . 
2011-11-24 02:21 555520 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\039366972f5ad8f34025c5aed57c1929\PresentationFramework.Aero.ni.dll - 2011-11-21 02:26 . 2011-11-21 02:26 289280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\162188f24710473e90f7327869e0715d\Microsoft.VisualBasic.Compatibility.Data.ni.dll + 2011-11-24 02:20 . 2011-11-24 02:20 289280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\162188f24710473e90f7327869e0715d\Microsoft.VisualBasic.Compatibility.Data.ni.dll - 2011-11-21 02:26 . 2011-11-21 02:26 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\85e60ede22b298d7e5fcc17757f74ef1\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2011-11-24 02:20 . 2011-11-24 02:20 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\85e60ede22b298d7e5fcc17757f74ef1\Microsoft.Transactions.Bridge.Dtc.ni.dll - 2011-11-21 02:26 . 2011-11-21 02:26 279552 c:\windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\4f99fd1b2d217c9950b0e7c053b9e906\CustomMarshalers.ni.dll + 2011-11-24 02:19 . 2011-11-24 02:19 279552 c:\windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\4f99fd1b2d217c9950b0e7c053b9e906\CustomMarshalers.ni.dll + 2011-11-24 02:10 . 2011-11-24 02:10 252416 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\11f340731d6cd696ae7b8b6351702cbe\WindowsFormsIntegration.ni.dll - 2011-11-21 02:10 . 2011-11-21 02:10 252416 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\11f340731d6cd696ae7b8b6351702cbe\WindowsFormsIntegration.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\8d3a679adab2761b52ffbb45c9c3a424\UIAutomationTypes.ni.dll - 2011-11-21 02:08 . 2011-11-21 02:08 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\8d3a679adab2761b52ffbb45c9c3a424\UIAutomationTypes.ni.dll - 2011-11-21 02:09 . 
2011-11-21 02:09 482816 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\0335e0194e209f69c3bd7104f3072818\UIAutomationClient.ni.dll + 2011-11-24 02:10 . 2011-11-24 02:10 482816 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\0335e0194e209f69c3bd7104f3072818\UIAutomationClient.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\c829c221dcccf40edbd75a0db8677d8a\System.Xml.Linq.ni.dll - 2011-11-21 02:07 . 2011-11-21 02:07 391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\c829c221dcccf40edbd75a0db8677d8a\System.Xml.Linq.ni.dll - 2011-11-21 02:08 . 2011-11-21 02:08 188928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\004e12aad2006c3e9b30c08d52f8785b\System.Windows.Input.Manipulations.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 188928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\004e12aad2006c3e9b30c08d52f8785b\System.Windows.Input.Manipulations.ni.dll - 2011-11-21 02:08 . 2011-11-21 02:08 646656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\801e4d0a25c5afb1288c890f9e71257a\System.Transactions.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 646656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\801e4d0a25c5afb1288c890f9e71257a\System.Transactions.ni.dll - 2011-11-21 02:09 . 2011-11-21 02:09 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\0af5485ccb0e43dd200f9e21f5eb60bd\System.ServiceProcess.ni.dll + 2011-11-24 02:10 . 2011-11-24 02:10 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\0af5485ccb0e43dd200f9e21f5eb60bd\System.ServiceProcess.ni.dll - 2011-11-21 02:09 . 2011-11-21 02:09 365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\cfb228e35c0876d643008f616a8e132f\System.ServiceModel.Routing.ni.dll + 2011-11-24 02:10 . 
2011-11-24 02:10 365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\cfb228e35c0876d643008f616a8e132f\System.ServiceModel.Routing.ni.dll + 2011-11-24 02:01 . 2011-11-24 02:01 729088 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\fb35b1630e65c1d381dc193e8eeafd11\System.Security.ni.dll - 2011-11-21 02:01 . 2011-11-21 02:01 729088 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\fb35b1630e65c1d381dc193e8eeafd11\System.Security.ni.dll - 2011-11-21 02:08 . 2011-11-21 02:08 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\dd02eb52dead028e9ca47004a0ef6811\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\dd02eb52dead028e9ca47004a0ef6811\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 762368 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\1aad834c96402d8cb42631dcbcb14848\System.Runtime.Remoting.ni.dll - 2011-11-21 02:08 . 2011-11-21 02:08 762368 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\1aad834c96402d8cb42631dcbcb14848\System.Runtime.Remoting.ni.dll + 2011-11-24 02:01 . 2011-11-24 02:01 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\17c29c52d52ff0b9b348b54037329bd0\System.Numerics.ni.dll - 2011-11-21 02:01 . 2011-11-21 02:01 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\17c29c52d52ff0b9b348b54037329bd0\System.Numerics.ni.dll + 2011-11-24 02:09 . 2011-11-24 02:09 653312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\772b52e4ac8936b913fe017d909c75e4\System.Net.ni.dll - 2011-11-21 02:09 . 2011-11-21 02:09 653312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\772b52e4ac8936b913fe017d909c75e4\System.Net.ni.dll - 2011-11-21 02:09 . 
2011-11-21 02:09 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\800c19289623b452a4681765004a6593\System.Messaging.ni.dll + 2011-11-24 02:09 . 2011-11-24 02:09 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\800c19289623b452a4681765004a6593\System.Messaging.ni.dll - 2011-11-21 02:09 . 2011-11-21 02:09 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\0d9d8caf2b678f6163062213fbebba79\System.Management.Instrumentation.ni.dll + 2011-11-24 02:09 . 2011-11-24 02:09 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\0d9d8caf2b678f6163062213fbebba79\System.Management.Instrumentation.ni.dll - 2011-11-21 02:09 . 2011-11-21 02:09 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\f3dae22180575540ae1cce1dc3310ec8\System.IO.Log.ni.dll + 2011-11-24 02:09 . 2011-11-24 02:09 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\f3dae22180575540ae1cce1dc3310ec8\System.IO.Log.ni.dll + 2011-11-24 02:09 . 2011-11-24 02:09 229376 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\29722312a1eb3d003a4b1d13a99ce7a2\System.IdentityModel.Selectors.ni.dll - 2011-11-21 02:09 . 2011-11-21 02:09 229376 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\29722312a1eb3d003a4b1d13a99ce7a2\System.IdentityModel.Selectors.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3543c115bdc594a29a010e8a9ce20b55\System.EnterpriseServices.Wrapper.dll - 2011-11-21 02:08 . 2011-11-21 02:08 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3543c115bdc594a29a010e8a9ce20b55\System.EnterpriseServices.Wrapper.dll + 2011-11-24 02:08 . 2011-11-24 02:08 786944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3543c115bdc594a29a010e8a9ce20b55\System.EnterpriseServices.ni.dll - 2011-11-21 02:08 . 
2011-11-21 02:08 786944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3543c115bdc594a29a010e8a9ce20b55\System.EnterpriseServices.ni.dll - 2011-11-21 02:01 . 2011-11-21 02:01 377344 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\082c3497e9f012c0609b8140d158f472\System.Dynamic.ni.dll + 2011-11-24 02:01 . 2011-11-24 02:01 377344 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\082c3497e9f012c0609b8140d158f472\System.Dynamic.ni.dll - 2011-11-21 02:09 . 2011-11-21 02:09 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\cf4c1eab5c582c8b3240df27a1571014\System.DirectoryServices.AccountManagement.ni.dll + 2011-11-24 02:09 . 2011-11-24 02:09 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\cf4c1eab5c582c8b3240df27a1571014\System.DirectoryServices.AccountManagement.ni.dll - 2011-11-21 02:09 . 2011-11-21 02:09 468992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\2bb5db827de2910b7ab3b83b402edbd1\System.DirectoryServices.Protocols.ni.dll + 2011-11-24 02:09 . 2011-11-24 02:09 468992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\2bb5db827de2910b7ab3b83b402edbd1\System.DirectoryServices.Protocols.ni.dll - 2011-11-21 02:09 . 2011-11-21 02:09 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\eb2b27bc25184cd6878192ce2af5d37a\System.Device.ni.dll + 2011-11-24 02:09 . 2011-11-24 02:09 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\eb2b27bc25184cd6878192ce2af5d37a\System.Device.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\0861be947a9873ce65c95ad6306dc4b8\System.Data.DataSetExtensions.ni.dll - 2011-11-21 02:08 . 2011-11-21 02:08 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\0861be947a9873ce65c95ad6306dc4b8\System.Data.DataSetExtensions.ni.dll - 2011-11-21 02:01 . 
2011-11-21 02:01 980480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\671b30d14bd0da4964983a5cf900c3e8\System.Configuration.ni.dll + 2011-11-24 02:01 . 2011-11-24 02:01 980480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\671b30d14bd0da4964983a5cf900c3e8\System.Configuration.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\bfcf802a51a71bdb239e504eac1b2343\System.Configuration.Install.ni.dll - 2011-11-21 02:08 . 2011-11-21 02:08 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\bfcf802a51a71bdb239e504eac1b2343\System.Configuration.Install.ni.dll - 2011-11-21 02:08 . 2011-11-21 02:08 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\75be7916fe8bb0db3fa194b8d6ef9d9b\System.ComponentModel.DataAnnotations.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\75be7916fe8bb0db3fa194b8d6ef9d9b\System.ComponentModel.DataAnnotations.ni.dll - 2011-11-21 02:02 . 2011-11-21 02:02 690176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\17f12751c9580e91ea42f174b10d0720\System.ComponentModel.Composition.ni.dll + 2011-11-24 02:02 . 2011-11-24 02:02 690176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\17f12751c9580e91ea42f174b10d0720\System.ComponentModel.Composition.ni.dll - 2011-11-21 02:08 . 2011-11-21 02:08 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\0f1bafb387e3571c1b75bf5f3dbc7d41\System.AddIn.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\0f1bafb387e3571c1b75bf5f3dbc7d41\System.AddIn.ni.dll - 2011-11-21 02:08 . 2011-11-21 02:08 404992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\742dd858317919b757db0d2222c57e7b\System.Activities.DurableInstancing.ni.dll + 2011-11-24 02:08 . 
2011-11-24 02:08 404992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\742dd858317919b757db0d2222c57e7b\System.Activities.DurableInstancing.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\7a5c39f61b17e969dfc6c6a7068c49c4\SMSvcHost.ni.exe - 2011-11-21 02:07 . 2011-11-21 02:07 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\7a5c39f61b17e969dfc6c6a7068c49c4\SMSvcHost.ni.exe - 2011-11-21 02:08 . 2011-11-21 02:08 142848 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\7b4d732795beab50abf3458fa6a267c9\SMDiagnostics.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 142848 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\7b4d732795beab50abf3458fa6a267c9\SMDiagnostics.ni.dll + 2011-11-24 02:02 . 2011-11-24 02:02 284160 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ad343938f98936b70bc6cd92bbef48ee\PresentationFramework.Classic.ni.dll - 2011-11-21 02:02 . 2011-11-21 02:02 284160 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ad343938f98936b70bc6cd92bbef48ee\PresentationFramework.Classic.ni.dll - 2011-11-21 02:02 . 2011-11-21 02:02 656896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a7480d52a62e983e9cb6edbd8949960a\PresentationFramework.Luna.ni.dll + 2011-11-24 02:02 . 2011-11-24 02:02 656896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a7480d52a62e983e9cb6edbd8949960a\PresentationFramework.Luna.ni.dll - 2011-11-21 02:02 . 2011-11-21 02:02 450560 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9fbc5dc82cbdac4526c57eea5d480c03\PresentationFramework.Aero.ni.dll + 2011-11-24 02:02 . 2011-11-24 02:02 450560 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9fbc5dc82cbdac4526c57eea5d480c03\PresentationFramework.Aero.ni.dll + 2011-11-24 02:02 . 
2011-11-24 02:02 327680 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9542e99f613b7c4b7c28d38ff39b5937\PresentationFramework.Royale.ni.dll - 2011-11-21 02:02 . 2011-11-21 02:02 327680 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9542e99f613b7c4b7c28d38ff39b5937\PresentationFramework.Royale.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 219136 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\372dc0b22c0b92aee2d2ebd482671e89\Microsoft.VisualBasic.Compatibility.Data.ni.dll - 2011-11-21 02:07 . 2011-11-21 02:07 219136 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\372dc0b22c0b92aee2d2ebd482671e89\Microsoft.VisualBasic.Compatibility.Data.ni.dll - 2011-11-21 02:07 . 2011-11-21 02:07 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\1751b025496942925f09bc6409e3a175\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\1751b025496942925f09bc6409e3a175\Microsoft.Transactions.Bridge.Dtc.ni.dll - 2011-11-21 02:07 . 2011-11-21 02:07 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\05cdbb716020bb07505b04593ee0f2b0\CustomMarshalers.ni.dll + 2011-11-24 02:08 . 2011-11-24 02:08 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\05cdbb716020bb07505b04593ee0f2b0\CustomMarshalers.ni.dll - 2011-11-21 02:26 . 2011-11-21 02:26 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\756011e2290f779331336b1659d804e9\WsatConfig.ni.exe + 2011-11-24 02:19 . 2011-11-24 02:19 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\756011e2290f779331336b1659d804e9\WsatConfig.ni.exe + 2011-11-24 02:19 . 2011-11-24 02:19 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\bdf567eb555bffe4d9f4383b6b97832b\WindowsFormsIntegration.ni.dll - 2011-11-21 02:25 . 
  • Thorough - my aim is to get certainty about your Windows. And now it turns out that the log is not complete. You will find the log in C:Combofix.txt2
  • I have been tinkering with my network a bit, and via ShieldsUp I found out that port 53 is open. http://www.grc.com/x/ne.dll?rh1dkyd2 Although this apparently does not have to be serious at all, I would rather be sure. I do not have a DNS server running in my network. Router: Copperjet 1616-2p (a freebie from Alice). Trend HouseCall reports no threats. My log lists a lot of missing files; can I just delete them? See below:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:20:16, on 20-11-2011
    Platform: Unknown Windows (WinNT 6.01.3505 SP1)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\vVX1000.exe
    C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Users\Sander\AppData\Roaming\Dropbox\bin\Dropbox.exe
    D:\Adobe\CS4\Acrobat 9.0\Acrobat\acrotray.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (file missing)
    O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (file missing)
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (file missing)
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Adobe\CS4\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Adobe\CS4\Acrobat 9.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Sander\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: Dropbox.lnk = Sander\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O13 - Gopher Prefix:
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{03992723-09C3-4B34-8142-BFAF1A33B640}: NameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D442C5E8-F8D5-4DEC-8DDB-48E545B3F954}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{03992723-09C3-4B34-8142-BFAF1A33B640}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{03992723-09C3-4B34-8142-BFAF1A33B640}: NameServer = 192.168.1.1
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (file missing)
    O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (file missing)
    O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (file missing)
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - d:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wlms\wlms.exe,-1 (WLMS) - Unknown owner - C:\Windows\system32\wlms\wlms.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    -- End of file - 13551 bytes

This is an archived page. Replies are no longer possible.