Laptop is very slow

18 replies
  • Hi, my parents' laptop is extremely slow. I have run HiJackThis, MBAM and the Uninstall list, and the logs are below this message. Can someone indicate what the next step is? Thanks in advance. Kind regards, Bianca Kuik.
  • Hello Bianca, let's have a look at what might be going on.

    I would like you to stick to the rules below during the fix:
      - Read all instructions carefully.
      - If you make mistakes when running tools during the fix, that can cause serious problems in Windows.
      - Refrain from using tools or updates other than the ones I advise you to use.
      - Always use one scanner at a time, never several at once.
      - Keep me informed of how your computer responds to the fix, good or bad.
      - Once started, the fix must be completed. Even if you think everything is fine, there may still be infections.

    Step •1•
    Which program: Kaspersky TDSSKiller
    What for/why: Rootkit scanner
    Difficulty: none
    Download location: This program must be downloaded to the desktop, or else moved there afterwards!
    Download TDSSKiller here: http://support.kaspersky.com/downloads/utils/tdsskiller.zip

    Installation:
      - Extract the file to your desktop.

    Using TDSSKiller:
      - Windows 2000 and Windows XP: start "TDSSKiller" by double-clicking TDSSKiller.exe.
      - Windows Vista and Windows 7: start "TDSSKiller" by right-clicking TDSSKiller.exe and choosing "Run as administrator".
      - If TDSSKiller shows a message about an available update, run that update first;
      - click the "Load update" button to do so.
        (screenshot: http://www.malwareinfo.nl/files/screens/TDSSkiller(update).jpg)
      - A new version of TDSSKiller will now be downloaded; save it to the desktop.
      - Now start TDSSKiller again.
      - Click "Change parameters" and make sure the options below are all checked.
        (screenshot: http://www.malwareinfo.nl/files/screens/TDSSkiller(opties).jpg)
      - Then click the "Start Scan" button and follow the instructions.
      - When the scan has finished, click the "Report" button.
      - A Notepad file opens. Post the contents of this file.
      - Restart the PC if TDSSKiller offers that option (Reboot now).
      - If a restart is necessary, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

    Important:
      - If you get a warning about sptd.sys, you may 'skip' it; it belongs to emulation software such as DaemonTools.
      - Skip the unsigned files,
      - have TDSS File System deleted or quarantined: delete or copy to quarantine.
      - Have Rootkit.Boot.SST.b and others such as Sinowal, ZeroAccess or Whistler repaired: Cure.

    Step •2•
    Which program: ComboFix
    What for/why: Highly specialised scanner for examining Windows in depth and cleaning it up where possible.
    Difficulty: A more or less tricky preparation phase, so read everything carefully first.
    Download location: This program must be downloaded to the desktop!
    Download ComboFix from one of these locations:
      - Bleepingcomputer: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
      - ForoSpyware: http://www.forospyware.com/sUBs/ComboFix.exe
      - Geekstogo: http://subs.geekstogo.com/ComboFix.exe

    Here you can see how ComboFix should be used: http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden
    Antivirus programs and active malware scanners must already be disabled before ComboFix is started!
    Here (http://www.bleepingcomputer.com/forums/topic114351.html) and here (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html) you will find details on how to disable antivirus programs and spyware scanners.
    To be absolutely clear once more: ComboFix must be started from the desktop.

    Notes:
      - On Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for it).
      - Vista and Windows 7 users start ComboFix by right-clicking, with administrator rights.
      - All open programs and web pages must be closed.

    ComboFix has started:
      - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
      - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
      - The computer may need to be restarted several times; this is normal.
      - When ComboFix is finished, it will create a log file for you.
      - Post the contents of this log file in your next message.
      - If the log does not open, it can be found in C:\ComboFix.txt

    Important note:
      - If, after the scan, an error is shown when starting programs with the message:
      - Illegal operation attempted on a registry key that has been marked for deletion.
      - Then restart the computer.

    Step •3•
    In summary: after this, post the contents of the following logs in your next message:
      - TDSSKiller log
      - ComboFix.txt log
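
Added example, not part of the thread and not Kaspersky's code: the handling rules from the reply above (skip sptd.sys and unsigned files, delete or quarantine TDSS File System, Cure for Rootkit.Boot.SST.b, Sinowal, ZeroAccess and Whistler) applied to the flagged lines of a TDSSKiller report. The line layout, the sample lines and the function names are assumptions made for this example.

```python
import re

# Flagged report line, layout assumed for this example:
#   "<hh:mm:ss.ffff> <thread id> <object> ( <verdict> ) - <severity>"
# Hash lines ("name (md5) path"), "- ok" lines and "- detected ..." lines
# do not end in ") - <word>" and therefore never match.
FLAGGED = re.compile(
    r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
    r"(?P<obj>.+?)\s+\(\s*(?P<verdict>[^()]+?)\s*\)\s+-\s+(?P<severity>\w+)\s*$"
)

# Families the reply says to repair with "Cure" (compared case-insensitively).
CURE_FAMILIES = ("rootkit.boot.sst.b", "sinowal", "zeroaccess", "whistler")

# Constructed sample lines, not from a real scan; driver names and hashes are placeholders.
SAMPLE_REPORT = r"""
10:00:01.0100 1234 ACPI (00000000000000000000000000000000) C:\Windows\system32\drivers\acpi.sys
10:00:01.0200 1234 ACPI - ok
10:00:02.0100 1234 ExampleDrv (11111111111111111111111111111111) C:\Windows\system32\drivers\exampledrv.sys
10:00:02.0200 1234 ExampleDrv ( UnsignedFile.Multi.Generic ) - warning
10:00:02.0200 1234 ExampleDrv - detected UnsignedFile.Multi.Generic (1)
10:00:03.0100 1234 sptd ( LockedFile.Multi.Generic ) - warning
10:00:04.0100 1234 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:00:05.0100 1234 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
10:00:06.0100 1234 OtherDrv ( Example.Unknown.Verdict ) - warning
"""


def parse_flagged(report_text):
    """Return one dict (obj, verdict, severity) per flagged line of the report."""
    findings = []
    for line in report_text.splitlines():
        match = FLAGGED.match(line.strip())
        if match:
            findings.append(match.groupdict())
    return findings


def recommended_action(obj, verdict):
    """Map one finding to the action named in the reply's 'Important' list."""
    name = obj.lower()
    v = verdict.lower()
    if name in ("sptd", "sptd.sys"):
        return "Skip"  # emulation-software driver, per the reply
    if v.startswith("unsignedfile"):
        return "Skip"  # unsigned files are skipped
    if v == "tdss file system":
        return "Delete or Copy to quarantine"
    if any(family in v for family in CURE_FAMILIES):
        return "Cure"
    # Not covered by the reply's list: this fallback is an assumption of the example.
    return "Ask the helper before acting"


def triage(report_text):
    """Return (object, verdict, action) for every flagged line, in report order."""
    return [
        (f["obj"], f["verdict"], recommended_action(f["obj"], f["verdict"]))
        for f in parse_flagged(report_text)
    ]


if __name__ == "__main__":
    for obj, verdict, action in triage(SAMPLE_REPORT):
        print(f"{obj:<24} {verdict:<28} -> {action}")
```
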
  • Hi, thanks for the reply. Here, to start with, is the report from TDSS Killer.
MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys 15:52:35.0835 4156 MRxDAV - ok 15:52:35.0882 4156 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys 15:52:35.0928 4156 mrxsmb - ok 15:52:35.0991 4156 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:52:36.0022 4156 mrxsmb10 - ok 15:52:36.0053 4156 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:52:36.0084 4156 mrxsmb20 - ok 15:52:36.0162 4156 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys 15:52:36.0178 4156 msahci - ok 15:52:36.0209 4156 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 15:52:36.0225 4156 msdsm - ok 15:52:36.0334 4156 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 15:52:36.0381 4156 Msfs - ok 15:52:36.0412 4156 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 15:52:36.0428 4156 msisadrv - ok 15:52:36.0474 4156 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 15:52:36.0552 4156 MSKSSRV - ok 15:52:36.0584 4156 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 15:52:36.0646 4156 MSPCLOCK - ok 15:52:36.0677 4156 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 15:52:36.0708 4156 MSPQM - ok 15:52:36.0740 4156 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys 15:52:36.0755 4156 MsRPC - ok 15:52:36.0786 4156 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 15:52:36.0802 4156 mssmbios - ok 15:52:36.0833 4156 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 15:52:36.0896 4156 MSTEE - ok 15:52:36.0927 4156 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys 15:52:36.0942 4156 Mup - ok 15:52:37.0052 4156 NativeWifiP 
(3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys 15:52:37.0083 4156 NativeWifiP - ok 15:52:37.0145 4156 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys 15:52:37.0192 4156 NDIS - ok 15:52:37.0223 4156 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 15:52:37.0301 4156 NdisTapi - ok 15:52:37.0332 4156 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 15:52:37.0379 4156 Ndisuio - ok 15:52:37.0426 4156 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys 15:52:37.0473 4156 NdisWan - ok 15:52:37.0488 4156 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 15:52:37.0566 4156 NDProxy - ok 15:52:37.0644 4156 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 15:52:37.0722 4156 NetBIOS - ok 15:52:37.0754 4156 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys 15:52:37.0816 4156 netbt - ok 15:52:37.0910 4156 netr28 (b05ffe38336193a9b988b00b230c5b80) C:\Windows\system32\DRIVERS\netr28.sys 15:52:37.0972 4156 netr28 - ok 15:52:38.0003 4156 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 15:52:38.0019 4156 nfrd960 - ok 15:52:38.0081 4156 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys 15:52:38.0144 4156 Npfs - ok 15:52:38.0159 4156 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 15:52:38.0222 4156 nsiproxy - ok 15:52:38.0284 4156 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys 15:52:38.0378 4156 Ntfs - ok 15:52:38.0409 4156 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 15:52:38.0471 4156 ntrigdigi - ok 15:52:38.0502 4156 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 15:52:38.0580 4156 Null - ok 15:52:38.0596 4156 nvraid 
(2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 15:52:38.0612 4156 nvraid - ok 15:52:38.0627 4156 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 15:52:38.0643 4156 nvstor - ok 15:52:38.0674 4156 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 15:52:38.0690 4156 nv_agp - ok 15:52:38.0705 4156 NwlnkFlt - ok 15:52:38.0721 4156 NwlnkFwd - ok 15:52:38.0752 4156 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys 15:52:38.0861 4156 ohci1394 - ok 15:52:38.0908 4156 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 15:52:39.0017 4156 Parport - ok 15:52:39.0048 4156 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys 15:52:39.0064 4156 partmgr - ok 15:52:39.0080 4156 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 15:52:39.0142 4156 Parvdm - ok 15:52:39.0173 4156 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys 15:52:39.0204 4156 pci - ok 15:52:39.0220 4156 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 15:52:39.0236 4156 pciide - ok 15:52:39.0251 4156 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 15:52:39.0282 4156 pcmcia - ok 15:52:39.0360 4156 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 15:52:39.0501 4156 PEAUTH - ok 15:52:39.0579 4156 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 15:52:39.0641 4156 PptpMiniport - ok 15:52:39.0657 4156 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 15:52:39.0688 4156 Processor - ok 15:52:39.0750 4156 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys 15:52:39.0782 4156 PSched - ok 15:52:39.0875 4156 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 
15:52:40.0000 4156 ql2300 - ok 15:52:40.0016 4156 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 15:52:40.0047 4156 ql40xx - ok 15:52:40.0078 4156 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 15:52:40.0125 4156 QWAVEdrv - ok 15:52:40.0156 4156 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 15:52:40.0187 4156 RasAcd - ok 15:52:40.0218 4156 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 15:52:40.0296 4156 Rasl2tp - ok 15:52:40.0328 4156 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys 15:52:40.0390 4156 RasPppoe - ok 15:52:40.0421 4156 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys 15:52:40.0452 4156 RasSstp - ok 15:52:40.0484 4156 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys 15:52:40.0562 4156 rdbss - ok 15:52:40.0577 4156 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:52:40.0640 4156 RDPCDD - ok 15:52:40.0671 4156 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 15:52:40.0718 4156 rdpdr - ok 15:52:40.0733 4156 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 15:52:40.0780 4156 RDPENCDD - ok 15:52:40.0796 4156 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys 15:52:40.0858 4156 RDPWD - ok 15:52:40.0936 4156 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 15:52:40.0967 4156 rspndr - ok 15:52:41.0014 4156 RTL8169 (abbe0f54ba3a378262c9cb86cf7d91f8) C:\Windows\system32\DRIVERS\Rtlh86.sys 15:52:41.0108 4156 RTL8169 - ok 15:52:41.0154 4156 RTSTOR (30af53469b2a60f693acb24fbd90abd7) C:\Windows\system32\drivers\RTSTOR.SYS 15:52:41.0232 4156 RTSTOR - ok 15:52:41.0279 4156 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 15:52:41.0295 
4156 sbp2port - ok 15:52:41.0342 4156 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 15:52:41.0404 4156 secdrv - ok 15:52:41.0435 4156 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 15:52:41.0498 4156 Serenum - ok 15:52:41.0529 4156 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 15:52:41.0607 4156 Serial - ok 15:52:41.0622 4156 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 15:52:41.0654 4156 sermouse - ok 15:52:41.0685 4156 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 15:52:41.0747 4156 sffdisk - ok 15:52:41.0747 4156 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 15:52:41.0794 4156 sffp_mmc - ok 15:52:41.0810 4156 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 15:52:41.0888 4156 sffp_sd - ok 15:52:41.0888 4156 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 15:52:41.0981 4156 sfloppy - ok 15:52:42.0028 4156 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 15:52:42.0044 4156 sisagp - ok 15:52:42.0075 4156 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 15:52:42.0090 4156 SiSRaid2 - ok 15:52:42.0106 4156 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 15:52:42.0122 4156 SiSRaid4 - ok 15:52:42.0168 4156 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys 15:52:42.0231 4156 Smb - ok 15:52:42.0278 4156 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 15:52:42.0293 4156 spldr - ok 15:52:42.0356 4156 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys 15:52:42.0402 4156 srv - ok 15:52:42.0449 4156 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys 15:52:42.0480 4156 srv2 - ok 
15:52:42.0543 4156 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys 15:52:42.0574 4156 srvnet - ok 15:52:42.0652 4156 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 15:52:42.0668 4156 swenum - ok 15:52:42.0714 4156 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 15:52:42.0730 4156 Symc8xx - ok 15:52:42.0746 4156 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 15:52:42.0761 4156 Sym_hi - ok 15:52:42.0777 4156 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 15:52:42.0792 4156 Sym_u3 - ok 15:52:42.0902 4156 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys 15:52:42.0995 4156 Tcpip - ok 15:52:43.0026 4156 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys 15:52:43.0089 4156 Tcpip6 - ok 15:52:43.0120 4156 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys 15:52:43.0167 4156 tcpipreg - ok 15:52:43.0198 4156 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 15:52:43.0276 4156 TDPIPE - ok 15:52:43.0292 4156 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 15:52:43.0323 4156 TDTCP - ok 15:52:43.0370 4156 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys 15:52:43.0401 4156 tdx - ok 15:52:43.0432 4156 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys 15:52:43.0448 4156 TermDD - ok 15:52:43.0510 4156 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:52:43.0588 4156 tssecsrv - ok 15:52:43.0650 4156 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 15:52:43.0713 4156 tunmp - ok 15:52:43.0744 4156 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys 15:52:43.0822 4156 tunnel - ok 15:52:43.0853 4156 uagp35 
(7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 15:52:43.0869 4156 uagp35 - ok 15:52:43.0900 4156 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys 15:52:43.0962 4156 udfs - ok 15:52:44.0009 4156 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 15:52:44.0025 4156 uliagpkx - ok 15:52:44.0040 4156 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 15:52:44.0072 4156 uliahci - ok 15:52:44.0087 4156 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 15:52:44.0103 4156 UlSata - ok 15:52:44.0118 4156 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 15:52:44.0134 4156 ulsata2 - ok 15:52:44.0181 4156 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 15:52:44.0259 4156 umbus - ok 15:52:44.0306 4156 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 15:52:44.0368 4156 usbccgp - ok 15:52:44.0399 4156 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 15:52:44.0462 4156 usbcir - ok 15:52:44.0508 4156 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys 15:52:44.0571 4156 usbehci - ok 15:52:44.0602 4156 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys 15:52:44.0649 4156 usbhub - ok 15:52:44.0680 4156 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 15:52:44.0758 4156 usbohci - ok 15:52:44.0805 4156 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 15:52:44.0852 4156 usbprint - ok 15:52:44.0914 4156 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 15:52:44.0961 4156 usbscan - ok 15:52:44.0992 4156 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:52:45.0054 4156 USBSTOR - ok 15:52:45.0101 4156 usbuhci 
(814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 15:52:45.0132 4156 usbuhci - ok 15:52:45.0179 4156 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 15:52:45.0242 4156 usbvideo - ok 15:52:45.0273 4156 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 15:52:45.0320 4156 vga - ok 15:52:45.0366 4156 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 15:52:45.0444 4156 VgaSave - ok 15:52:45.0476 4156 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 15:52:45.0491 4156 viaagp - ok 15:52:45.0507 4156 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 15:52:45.0569 4156 ViaC7 - ok 15:52:45.0585 4156 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 15:52:45.0600 4156 viaide - ok 15:52:45.0663 4156 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 15:52:45.0678 4156 volmgr - ok 15:52:45.0694 4156 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys 15:52:45.0725 4156 volmgrx - ok 15:52:45.0741 4156 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys 15:52:45.0772 4156 volsnap - ok 15:52:45.0834 4156 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 15:52:45.0850 4156 vsmraid - ok 15:52:45.0897 4156 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 15:52:46.0006 4156 WacomPen - ok 15:52:46.0037 4156 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 15:52:46.0068 4156 Wanarp - ok 15:52:46.0100 4156 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 15:52:46.0115 4156 Wanarpv6 - ok 15:52:46.0146 4156 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 15:52:46.0162 4156 Wd - ok 15:52:46.0209 4156 Wdf01000 
(b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 15:52:46.0256 4156 Wdf01000 - ok 15:52:46.0474 4156 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 15:52:46.0505 4156 WmiAcpi - ok 15:52:46.0552 4156 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 15:52:46.0630 4156 ws2ifsl - ok 15:52:46.0708 4156 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 15:52:46.0755 4156 WUDFRd - ok 15:52:46.0864 4156 ZTEusbmdm6k (30cc3eb8e7a92e743aa947585ca77963) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys 15:52:46.0911 4156 ZTEusbmdm6k - ok 15:52:46.0942 4156 ZTEusbnmea (30cc3eb8e7a92e743aa947585ca77963) C:\Windows\system32\DRIVERS\ZTEusbnmea.sys 15:52:46.0989 4156 ZTEusbnmea - ok 15:52:47.0020 4156 ZTEusbser6k (30cc3eb8e7a92e743aa947585ca77963) C:\Windows\system32\DRIVERS\ZTEusbser6k.sys 15:52:47.0067 4156 ZTEusbser6k - ok 15:52:47.0160 4156 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 15:52:47.0316 4156 \Device\Harddisk0\DR0 - ok 15:52:47.0332 4156 Boot (0x1200) (d46d51d355278cf9b311c24dcce47feb) \Device\Harddisk0\DR0\Partition0 15:52:47.0332 4156 \Device\Harddisk0\DR0\Partition0 - ok 15:52:47.0348 4156 Boot (0x1200) (a1997d68be44c20c8a42e6b7776176f0) \Device\Harddisk0\DR0\Partition1 15:52:47.0348 4156 \Device\Harddisk0\DR0\Partition1 - ok 15:52:47.0348 4156 ============================================================ 15:52:47.0348 4156 Scan finished 15:52:47.0348 4156 ============================================================ 15:52:47.0379 1040 Detected object count: 1 15:52:47.0379 1040 Actual detected object count: 1 15:54:08.0452 1040 MGHwCtrl ( UnsignedFile.Multi.Generic ) - skipped by user 15:54:08.0452 1040 MGHwCtrl ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:54:21.0182 5708 ============================================================ 15:54:21.0182 5708 Scan started 15:54:21.0182 5708 Mode: Manual; SigCheck; 
TDLFS; 15:54:21.0182 5708 ============================================================ 15:54:21.0665 5708 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys 15:54:21.0696 5708 ACPI - ok 15:54:21.0743 5708 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 15:54:21.0774 5708 adp94xx - ok 15:54:21.0806 5708 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 15:54:21.0821 5708 adpahci - ok 15:54:21.0837 5708 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 15:54:21.0868 5708 adpu160m - ok 15:54:21.0884 5708 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 15:54:21.0899 5708 adpu320 - ok 15:54:21.0962 5708 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys 15:54:21.0977 5708 AFD - ok 15:54:22.0008 5708 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 15:54:22.0024 5708 agp440 - ok 15:54:22.0040 5708 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 15:54:22.0071 5708 aic78xx - ok 15:54:22.0086 5708 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 15:54:22.0102 5708 aliide - ok 15:54:22.0118 5708 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 15:54:22.0133 5708 amdagp - ok 15:54:22.0149 5708 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 15:54:22.0164 5708 amdide - ok 15:54:22.0180 5708 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 15:54:22.0211 5708 AmdK7 - ok 15:54:22.0242 5708 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 15:54:22.0274 5708 AmdK8 - ok 15:54:22.0289 5708 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 15:54:22.0305 5708 arc - ok 15:54:22.0336 5708 arcsas (5e2a321bd7c8b3624e41fdec3e244945) 
C:\Windows\system32\drivers\arcsas.sys 15:54:22.0352 5708 arcsas - ok 15:54:22.0367 5708 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 15:54:22.0414 5708 AsyncMac - ok 15:54:22.0430 5708 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys 15:54:22.0445 5708 atapi - ok 15:54:22.0539 5708 AVGIDSDriver (4cbb56fbc9c0cbc517e6e3a6889ebddc) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys 15:54:22.0554 5708 AVGIDSDriver - ok 15:54:22.0632 5708 AVGIDSEH (459bce188232e2fe6152423efef65d76) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys 15:54:22.0632 5708 AVGIDSEH - ok 15:54:22.0664 5708 AVGIDSFilter (91d9abe7e88eac7c167cba4ed4d983bf) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys 15:54:22.0679 5708 AVGIDSFilter - ok 15:54:22.0742 5708 AVGIDSShim (3fc2714e185c04308215d46730d41a94) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys 15:54:22.0757 5708 AVGIDSShim - ok 15:54:22.0804 5708 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\Windows\system32\DRIVERS\avgldx86.sys 15:54:22.0820 5708 Avgldx86 - ok 15:54:22.0866 5708 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys 15:54:22.0882 5708 Avgmfx86 - ok 15:54:22.0929 5708 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys 15:54:22.0944 5708 Avgrkx86 - ok 15:54:22.0991 5708 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys 15:54:23.0007 5708 Avgtdix - ok 15:54:23.0054 5708 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 15:54:23.0085 5708 Beep - ok 15:54:23.0132 5708 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 15:54:23.0163 5708 blbdrive - ok 15:54:23.0210 5708 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys 15:54:23.0225 5708 bowser - ok 15:54:23.0241 5708 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 15:54:23.0272 5708 BrFiltLo - ok 
15:54:23.0288 5708 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 15:54:23.0319 5708 BrFiltUp - ok 15:54:23.0366 5708 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 15:54:23.0412 5708 Brserid - ok 15:54:23.0428 5708 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 15:54:23.0490 5708 BrSerWdm - ok 15:54:23.0506 5708 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 15:54:23.0568 5708 BrUsbMdm - ok 15:54:23.0584 5708 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 15:54:23.0646 5708 BrUsbSer - ok 15:54:23.0646 5708 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 15:54:23.0709 5708 BTHMODEM - ok 15:54:23.0771 5708 Cam5603D (c67978dbfe659dce83708219f70a4f41) C:\Windows\system32\Drivers\BisonCam.sys 15:54:23.0818 5708 Cam5603D - ok 15:54:23.0849 5708 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 15:54:23.0880 5708 cdfs - ok 15:54:23.0912 5708 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys 15:54:23.0943 5708 cdrom - ok 15:54:23.0974 5708 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 15:54:24.0005 5708 circlass - ok 15:54:24.0052 5708 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys 15:54:24.0068 5708 CLFS - ok 15:54:24.0130 5708 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 15:54:24.0161 5708 CmBatt - ok 15:54:24.0177 5708 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 15:54:24.0192 5708 cmdide - ok 15:54:24.0208 5708 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 15:54:24.0224 5708 Compbatt - ok 15:54:24.0255 5708 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 15:54:24.0270 5708 crcdisk - ok 
15:54:24.0286 5708 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 15:54:24.0317 5708 Crusoe - ok 15:54:24.0411 5708 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys 15:54:24.0458 5708 DfsC - ok 15:54:24.0489 5708 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys 15:54:24.0504 5708 disk - ok 15:54:24.0567 5708 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 15:54:24.0598 5708 drmkaud - ok 15:54:24.0645 5708 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys 15:54:24.0707 5708 DXGKrnl - ok 15:54:24.0770 5708 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 15:54:24.0801 5708 E1G60 - ok 15:54:24.0832 5708 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys 15:54:24.0863 5708 Ecache - ok 15:54:24.0910 5708 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 15:54:24.0941 5708 elxstor - ok 15:54:24.0957 5708 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 15:54:25.0004 5708 ErrDev - ok 15:54:25.0035 5708 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys 15:54:25.0066 5708 exfat - ok 15:54:25.0082 5708 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys 15:54:25.0128 5708 fastfat - ok 15:54:25.0144 5708 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 15:54:25.0175 5708 fdc - ok 15:54:25.0191 5708 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 15:54:25.0222 5708 FileInfo - ok 15:54:25.0238 5708 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 15:54:25.0269 5708 Filetrace - ok 15:54:25.0284 5708 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 15:54:25.0316 5708 flpydisk - ok 15:54:25.0362 5708 FltMgr 
  • And then the ComboFix log as well: It will take a while before I can check this again, because I only visit my parents once every two weeks ... Thanks in advance ... Kind regards, Bianca Kuik.
  • Let me know how that notebook is doing now. And next time you can run the ESET online scan (click): http://www.eset.com/onlinescan/
    - Click the ESET Online Scanner button
    - Tick YES, I accept the Terms of Use
    - Click Start
    - Allow the ActiveX control to install.
    - Tick the following options:
        - Remove found threats
        - Scan archives
    - Then click "Advanced Settings"
        - Scan for potentially unwanted applications
        - Scan for potentially unsafe applications
        - Enable Anti-Stealth technology
    - Click Start
    - The computer is now being scanned. This can take quite a long time, so be patient.
    - When the scan is finished, click > List of found threats
    - Then click > Export to text file....
    - Choose the Desktop as the save location and give the Notepad file a clear title.
    - After that you can close the window, because the scan is finished.
    - Then open the log that is on your desktop.
    - And copy and paste the contents of this log into your next post.
    N.B.: temporarily deactivate your own antivirus during the scan; then the online scan is faster!
  • Hi, Thank you very much for the answer. My parents have been away for a month again, which is why I could not check earlier how the laptop was doing. It is still slow, especially when starting up. I ran the scan and it found no threats, so that looks good. If there are any other options or tips, I would welcome them. For now at least, thank you very much. Kind regards, Bianca Kuik.
  • Let me know how much RAM is in that notebook.
  • Hi, The memory in the computer is 2G. Today I worked on the computer for a few hours and it is still very slow. You need all the patience in the world ;-). Regards, Bianca.
  • Do the following:
    Which program: OTL.com
    What for/why: multifunctional tool - analysis and fix
    Difficulty: none.
    Download: OTL (http://oldtimer.geekstogo.com/OTL.com) and place the file on the desktop.
    Using OTL.com:
    - First close all program windows that are still open!
        - Double-click [image: http://www.imgdumper.nl/uploads5/4f91108799372/4f91108798ba0-OTL-1.png]
    - Tick Scan All Users.
    - Click [image: http://www.imgdumper.nl/uploads5/4f9112fd1172c/4f9112fd11340-OTL-3.png].
    - Do not change any other settings in OTL unless I give specific instructions to do so.
    - The scan will not take very long.
        - Two Notepad windows will open when the scan is finished: OTL.Txt and Extras.txt.
        - Then copy the contents of both OTL.txt and Extras.txt and paste them into your next post.
    - Note: if the log does not fit in one post, spread it over two or more posts.
  • Hi, Here are the log files. OTL.txt:
[Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011-10-13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate) SRV - [2011-10-12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011-09-01 09:17:00 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service) SRV - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010-04-14 19:01:24 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxeecoms.exe -- (lxee_device) SRV - [2008-03-13 20:08:58 | 000,024,576 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService) SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-08-23 14:37:18 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Program Files\System Control Manager\edd.exe -- (NishService) SRV - [2007-02-23 12:27:50 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcfcoms.exe -- (lxcf_device) [color=#E56717:29fa22c724]========== Driver Services (SafeList) ==========[/color:29fa22c724] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- 
C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Tieme\AppData\Local\Temp\catchme.sys -- (catchme) DRV - [2011-12-10 16:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011-10-07 07:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2011-10-04 07:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim) DRV - [2011-09-13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2011-08-08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011-07-11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2011-07-11 01:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. 
) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV - [2011-07-11 01:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH) DRV - [2011-07-11 01:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV - [2008-03-07 15:38:42 | 000,100,608 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2008-03-07 15:38:38 | 000,100,608 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2008-03-07 15:38:36 | 000,100,608 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2008-03-07 14:46:32 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008-02-14 14:56:02 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007-08-20 12:16:32 | 000,783,272 | ---- | M] (Bison Electronics. Inc. 
) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BisonCam.sys -- (Cam5603D) DRV - [2006-12-22 05:21:52 | 000,019,456 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MGHwCtrl.sys -- (MGHwCtrl) [color=#E56717:29fa22c724]========== Standard Registry (SafeList) ==========[/color:29fa22c724] [color=#E56717:29fa22c724]========== Internet Explorer ==========[/color:29fa22c724] IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKLM\..\SearchScopes,DefaultScope /d {67A2568C-7A0A-4EED-AECC-B5405DE63B64} /f >Nul 2>Nul = IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ IE - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - 
HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\SearchScopes,DefaultScope /d {67A2568C-7A0A-4EED-AECC-B5405DE63B64} /f >Nul 2>Nul = IE - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA IE - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7MEDA_nl&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=xChuVC0Hv1P0Q9amnh20camUIvM?q={searchTerms} IE - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={DF26B960-CA73-4152-AEF0-FF4C87A7391B}&mid=d677045625a02a67246142f31ebf2e7e-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=nl&ds=AVG&pr=fr&d=2011-11-06 17:09:19&v=10.0.0.7&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\SearchScopes\{DDD84D0C-7081-4764-BAD0-A4265CA0B533}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717:29fa22c724]========== FireFox ==========[/color:29fa22c724] FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1 FF - prefs.js..extensions.enabledItems: 
baseTheme@tomtom.com:1.0.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tieme\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tieme\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012-02-01 15:37:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012-03-12 14:32:59 | 000,000,000 | ---D | M] [2009-09-22 20:27:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tieme\AppData\Roaming\mozilla\Extensions [2009-09-22 20:27:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tieme\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2012-03-14 15:14:29 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM [color=#E56717:29fa22c724]========== Chrome ==========[/color:29fa22c724] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Tieme\AppData\Local\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Tieme\AppData\Local\Google\Chrome\Application\18.0.1025.142\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tieme\AppData\Local\Google\Chrome\Application\18.0.1025.142\gcswf32.dll CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Tieme\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll CHR - plugin: Adobe Acrobat 
(Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa3\npPicasa3.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\Tieme\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Zoeken = C:\Users\Tieme\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: AVG Safe Search = C:\Users\Tieme\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\ CHR - Extension: Gmail = 
C:\Users\Tieme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012-01-29 17:49:36 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll () O3 - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found. 
O3 - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found. O3 - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [BisonHK] C:\Windows\BisonCam\BisonHK.exe () O4 - HKLM..\Run: [BsMnt] C:\Windows\BisonCam\BsMnt.exe () O4 - HKLM..\Run: [LXCFCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCFtime.DLL () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (MSI) O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - 
HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx File not found O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O15 - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..Trusted Domains: ziggo.nl ([thuishelp] https in Trusted sites) O15 - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldnl-nl.cab (MSN Photo Upload Tool) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-nl.cab (Windows Live Hotmail Photo Upload Tool) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.35.25 212.54.40.25 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A9840D3-C0B3-4793-B474-19E95E9506A5}: DhcpNameServer = 212.54.35.25 212.54.40.25 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C39951A5-AB81-42C8-B95B-ED4990BAE560}: DhcpNameServer = 192.168.176.1 192.168.176.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll () O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Tieme\AppData\Roaming\Microsoft\Windows Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Tieme\AppData\Roaming\Microsoft\Windows Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* 
O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717:29fa22c724]========== Files/Folders - Created Within 30 Days ==========[/color:29fa22c724] [2012-04-29 17:34:28 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Tieme\Desktop\OTL.com [2012-04-29 14:27:35 | 000,000,000 | ---D | C] -- C:\Users\Tieme\Documents\Philips TV [2012-04-15 14:52:08 | 000,000,000 | ---D | C] -- C:\Users\Tieme\AppData\Local\{2207D69C-2AFF-4AB9-B4A2-441C1F3BDF89} [2012-04-14 19:58:56 | 000,000,000 | ---D | C] -- C:\01a1a03bf9acf57ff0bc [2012-04-14 17:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-04-02 16:30:57 | 000,000,000 | ---D | C] -- C:\Users\Tieme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [color=#E56717:29fa22c724]========== Files - Modified Within 30 Days ==========[/color:29fa22c724] [2012-04-29 17:34:31 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Tieme\Desktop\OTL.com [2012-04-29 17:34:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2410586063-1504387845-2777331494-1000UA.job [2012-04-29 17:14:59 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-29 17:14:46 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-04-29 17:14:46 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-04-29 17:14:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-04-29 17:14:03 | 2136,289,280 | -HS- | M] () -- C:\hiberfil.sys [2012-04-29 17:07:01 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-29 16:34:03 | 000,001,014 | ---- | M] () -- 
  • I can't detect any malware. Before letting OTL run the fix, first close all other open windows!
      • Double-click (image: http://www.imgdumper.nl/uploads5/4f91108799372/4f91108798ba0-OTL-1.png)
      • Copy and paste the following (bold, blue text) into the box under (image: http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png)

        :OTL
        IE - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=xChuVC0Hv1P0Q9amnh20camUIvM?q={searchTerms}
        O3 - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
        O3 - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
        O3 - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
        O3 - HKU\S-1-5-21-2410586063-1504387845-2777331494-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.

        :Services

        :Reg

        :Files
        ipconfig /flushdns /c

        :Commands
        [purity]
        [emptytemp]
        [resethosts]
        [emptyjava]
        [emptyflash]
        [createrestorepoint]
        [reboot]

      • Then click (image: http://www.imgdumper.nl/uploads5/4f911cee9de47/4f911cee9da59-OTL-4.png) at the top
      • Let the program do its work undisturbed.
      • After the scan, OTL will report that the PC is going to be restarted. So allow that.
      • Click OK
      • After the restart, only a new log is opened.
      • Post the contents of that OTL scan log by copying and pasting.
    Also let us know what Task Manager reports about the number of processes and the associated CPU usage.
  • OTL Log:

    All processes killed
    ========== OTL ==========
    Registry key HKEY_USERS\S-1-5-21-2410586063-1504387845-2777331494-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
    Registry value HKEY_USERS\S-1-5-21-2410586063-1504387845-2777331494-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
    Registry value HKEY_USERS\S-1-5-21-2410586063-1504387845-2777331494-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
    Registry value HKEY_USERS\S-1-5-21-2410586063-1504387845-2777331494-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
    Registry value HKEY_USERS\S-1-5-21-2410586063-1504387845-2777331494-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP-configuratie
    De DNS-omzettingscache is leeggemaakt.
    C:\Users\Tieme\Desktop\cmd.bat deleted successfully.
    C:\Users\Tieme\Desktop\cmd.txt deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]
    User: All Users
    User: Default
    ->Temp folder emptied: 0 bytes
    User: Default User
    ->Temp folder emptied: 0 bytes
    User: Public
    ->Temp folder emptied: 0 bytes
    User: Tieme
    ->Temp folder emptied: 17982510 bytes
    ->Java cache emptied: 0 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 611 bytes
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 21050 bytes
    RecycleBin emptied: 874 bytes
    Total Files Cleaned = 17,00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYJAVA]
    User: All Users
    User: Default
    User: Default User
    User: Public
    User: Tieme
    ->Java cache emptied: 0 bytes
    Total Java Files Cleaned = 0,00 mb

    [EMPTYFLASH]
    User: All Users
    User: Default
    User: Default User
    User: Public
    User: Tieme
    ->Flash cache emptied: 0 bytes
    Total Flash Files Cleaned = 0,00 mb

    Restore point Set: OTL Restore Point
    OTL by OldTimer - Version 3.2.42.2 log created on 07292012_173040

    Files\Folders moved on Reboot...
    File\Folder C:\Users\Tieme\AppData\Local\Temp\~DF490C.tmp not found!
    File\Folder C:\Users\Tieme\AppData\Local\Temp\~DF4917.tmp not found!
    File\Folder C:\Users\Tieme\AppData\Local\Temp\~DF4975.tmp not found!
    File\Folder C:\Users\Tieme\AppData\Local\Temp\~DF4986.tmp not found!
    File\Folder C:\Users\Tieme\AppData\Local\Temp\~DF4A0E.tmp not found!
    File\Folder C:\Users\Tieme\AppData\Local\Temp\~DF4A18.tmp not found!

    Registry entries deleted on Reboot...
  • [img]C:\Users\Tieme\Documents\PrintScreen Files\TaakBeheer - Processen
  • Well, that was posted awfully late. You would have done better to ask a question about it beforehand, since in the three months after my instructions the state of that notebook will have changed! But anyway: what is the current state of affairs with that laptop?
  • Try reinstalling the video card with the real driver from the manufacturer. With the driver installed automatically by XP in particular, but also Win 7, you then often see an enormous improvement in speed.
  • Sorry, my parents have been on holiday and I haven't been here for 3 months either. That's why. I did already suspect that too much time had passed, but I ran OTL anyway. The laptop is a bit faster. My mother ran AVG's tune-up herself and that helped a bit.
  • OK, then I'll go and find out who the actual manufacturer of the video card is. Thanks for the advice. I'll let you know how it is afterwards.
  • Much more important is the make and exact model designation of the notebook!

This is an archived page. Replies are no longer possible.